
Where 2 worlds collide: Bringing Mimikatz et al to UNIX

2019-09-19 17:35

Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018).

Over the past fifteen years there’s been an uptick in “interesting” UNIX infrastructures being integrated into customers’ existing AD forests. Whilst the threat models enabled by this should be quite familiar to anyone securing a heterogeneous Windows network, they may not be as well understood by a typical UNIX admin who does not have a strong background in Windows and AD. Over the last few months we’ve spent some time looking at a number of specific Active Directory integration solutions (both open and closed source) for UNIX systems and documenting some of the tools, tactics and procedures that enable attacks on the forest to be staged from UNIX.

This talk describes the technical details of our findings. It includes proofs of concept (PoCs) showing real-world attacks against AD-joined UNIX systems. Finally, it discusses potential solutions and mitigating controls that will help either to prevent those attacks or, at the very least, to detect them when they occur.

Tools referenced in this talk include:

724.9 KiB
MD5 hash: cc712c5e46b16fbff22a2566b1248a91

The post Where 2 worlds collide: Bringing Mimikatz et al to UNIX appeared first on Portcullis Labs.

Source: labs.portcullis.co.uk/presentations/where-2-worlds-collide-bringing-mimikatz-et-al-to-unix/
