![]() ![]() Attackers leverage access (though not always privileged access) to compromise Active Directory. Often the full impact of what access a group actually has is not fully understood by the organization. The challenge is often determining what access each group actually has. I have had this post in draft for a while and with Bloodhound now supporting AD ACLs (nice work Will & Andy it’s time to get more information out about AD permissions. Examples in this post use the PowerView PowerShell cmdlets. When we perform an Active Directory Security Assessment for customers, we review all of the data points listed in this post, including the privileged groups and the rights associated with them by fully interrogating Active Directory and mapping the associated permissions to rights and associating these rights to the appropriate groups (or accounts). This post details how privileged access is delegated in Active Directory and how best to discover who has what rights and permissions in AD. I covered ways to enumerate permissions in AD using PowerView (written by Will during my Black Hat & DEF CON talks in 2016 from both a Blue Team and Red Team perspective. Active Directory Recon is the new hotness since attackers, Red Teamers, and penetration testers have realized that control of Active Directory provides power over the organization. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |