
ACTIVE DIRECTORY

FOR
HACKER’S DELIGHT
NULL/OWASP/G4H BANGALORE MEET
About me
● Harsh Thakur
● Twitter: @harsh_thakur_1
● Null: N3o
● Blog: medium.com/harsh-thakur
● GitHub: github.com/mycryptonite
● LinkedIn: harsh-thakur
Contents of the series
1. Understanding Active Directory
2. COM
3. WMI
4. VBScript
5. PowerShell
6. .NET framework
A few of the hands-on session topics include:

1. Setting up labs
2. AD recon, fancy payload delivery mechanisms, etc.
3. AD privilege escalation
4. Whitelist bypass methods
5. Persistence
So what is Active Directory, and why use it?

● Directory service for Windows domains

Features:

● Management and storage of information about users, computers, groups and other network resources
● AAA (Authentication, Authorization and Accounting)
● Certificate Services, AD FS, etc.
Things to know about

● Objects
● Logical divisions of an AD network (forests, trees and domains)
● Organizational Units
● Trusts
Objects in Active Directory

Two types:

● Resources like printers, shares, etc.
● Security principals like user accounts, groups and computer accounts

Each security principal has a unique SID (security identifier); ACLs and access tokens refer to principals by SID, not by name.
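As an added example (not code from the original slides), the following PowerShell lists the two kinds of objects the slide distinguishes: security principals, which carry an objectSid, and resource objects (published printers and shared folders), which do not. It assumes a domain-joined host with LDAP access to a domain controller and uses only System.DirectoryServices, so no RSAT module is needed; the well-known RID table and the function names are mine.

```powershell
# Added example, not from the original slides. Assumes a domain-joined host that
# can reach a DC over LDAP; uses System.DirectoryServices only (no RSAT).

# A few well-known RIDs worth recognising during recon (hypothetical subset).
$KnownRid = @{
    500 = 'Administrator'; 502 = 'krbtgt';             512 = 'Domain Admins'
    513 = 'Domain Users';  516 = 'Domain Controllers'; 519 = 'Enterprise Admins'
    544 = 'Administrators (BUILTIN)'
}

function Search-Ad {
    # Small LDAP wrapper: runs a filter against the current domain and returns
    # SearchResult objects, paged so large domains do not hit the 1000-entry limit.
    param([Parameter(Mandatory)][string]$Filter, [string[]]$Properties)
    $s = New-Object System.DirectoryServices.DirectorySearcher
    $s.Filter = $Filter
    $s.PageSize = 500
    if ($Properties) { $null = $s.PropertiesToLoad.AddRange($Properties) }
    $s.FindAll()
}

function Get-SecurityPrincipal {
    # Users, groups and computers, each with its SID split into domain SID and RID.
    $filter = '(&(objectSid=*)(|(objectCategory=person)(objectCategory=group)(objectCategory=computer)))'
    foreach ($r in Search-Ad -Filter $filter -Properties sAMAccountName,objectSid,objectClass) {
        # objectSid is stored as a byte array; SecurityIdentifier decodes it to S-1-5-21-...
        $sid = New-Object System.Security.Principal.SecurityIdentifier($r.Properties['objectsid'][0], 0)
        $rid = [int]($sid.Value.Split('-')[-1])
        # BUILTIN principals (S-1-5-32-*) have no account domain SID.
        $domainSid = if ($sid.AccountDomainSid) { $sid.AccountDomainSid.Value } else { $null }
        [pscustomobject]@{
            Name      = [string]$r.Properties['samaccountname'][0]
            Class     = [string](@($r.Properties['objectclass'])[-1])   # most specific class is last
            Sid       = $sid.Value
            DomainSid = $domainSid
            Rid       = $rid
            WellKnown = $KnownRid[$rid]
        }
    }
}

function Get-ResourceObject {
    # Published printers (printQueue) and shared folders (volume): no objectSid,
    # so they can never be granted rights themselves, only be the target of an ACL.
    $filter = '(|(objectClass=printQueue)(objectClass=volume))'
    foreach ($r in Search-Ad -Filter $filter -Properties name,objectClass,uNCName) {
        $path = if ($r.Properties.Contains('uncname')) { [string]$r.Properties['uncname'][0] } else { $null }
        [pscustomobject]@{
            Name  = [string]$r.Properties['name'][0]
            Class = [string](@($r.Properties['objectclass'])[-1])
            Path  = $path
        }
    }
}

# Usage from a domain-joined session:
#   Get-SecurityPrincipal | Where-Object WellKnown | Format-Table Name, Sid, WellKnown
#   Get-ResourceObject    | Format-Table
```

The first usage line is the quick recon check: every domain shares the same RID layout, so filtering on WellKnown immediately surfaces the built-in Administrator, krbtgt and the admin groups regardless of how they have been renamed.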


Trusts
1. Parent-Child trust: Automatic: Two-way
2. Tree-Root trust: Automatic: Two-way
3. Shortcut trust: Manual: One/Two-way
4. Forest trust: Manual: One/Two-way

All of the above are transitive in nature and can use Kerberos v5 or NTLM for authentication.

Contd...
5. External: Manual: One/Two-way
This is non-transitive and uses only NTLM for authentication.

6. Realm: Manual: One/Two-way
Transitive or non-transitive, and uses only Kerberos v5.
Trust Domain Objects
When a domain trust is created, the TDO stores:

● Domain name and SID of the partner domain
● Trust type and transitivity
● Reciprocal domain name

Trust Domain Objects
When a forest trust is created, the TDO additionally stores:

● Domain and child domain tree names
● UPN and SPN suffixes
● SID namespaces used in the other forest
Do forest root domains of each forest know all of the trust relationships throughout the environment?

Windows Netlogon Service

● Computes the trust path through an authenticated RPC between the requesting and requested DCs.
Scope of Authentication
1) Forest-wide authentication (default): every user in the trusted forest can authenticate to every computer in the trusting forest, and is added to Authenticated Users there.
2) Selective authentication: only principals explicitly granted the "Allowed to Authenticate" right on a resource computer object can authenticate to it.
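As an added example (not code from the original slides), the following PowerShell reads the trustedDomain objects (TDOs) under CN=System and decodes them into the trust types, directions, transitivity and authentication protocols from the trust slides, plus the selective-authentication flag from this slide. Get-DomainTrust assumes a domain-joined host with LDAP access to a DC; ConvertFrom-Tdo is pure and can be exercised offline with the constructed sample values at the bottom. The flag names mirror the trustAttributes bits documented in MS-ADTS; the function names and the "Tree-Root or Shortcut" bucket are mine, since those two look the same in the TDO.

```powershell
# Added example, not from the original slides. Get-DomainTrust needs a domain-joined
# host with LDAP access to a DC; ConvertFrom-Tdo runs offline.

# Bit flags of the TDO attribute trustAttributes (MS-ADTS 6.1.6.7.9).
$TrustAttr = @{
    NonTransitive     = 0x01
    UplevelOnly       = 0x02
    Quarantined       = 0x04   # SID filtering quarantine
    ForestTransitive  = 0x08
    CrossOrganization = 0x10   # selective authentication
    WithinForest      = 0x20
    TreatAsExternal   = 0x40
    UsesRc4Encryption = 0x80
}
$DirectionName = @{ 1 = 'Inbound'; 2 = 'Outbound'; 3 = 'Two-way' }

function ConvertFrom-Tdo {
    param(
        [Parameter(Mandatory)][string]$Partner,      # trustPartner: DNS name of the other side
        [Parameter(Mandatory)][string]$LocalDomain,  # DNS name of the domain holding the TDO
        [Parameter(Mandatory)][int]$Direction,       # trustDirection: 1 inbound, 2 outbound, 3 both
        [Parameter(Mandatory)][int]$Type,            # trustType: 1 downlevel NT4, 2 uplevel AD, 3 MIT realm
        [Parameter(Mandatory)][int]$Attributes       # trustAttributes bit flags
    )
    $has = { param([int]$Flag) ($Attributes -band $Flag) -ne 0 }

    # Intra-forest trusts carry WITHIN_FOREST; a parent/child pair shows in the DNS
    # names. Tree-root and shortcut trusts are indistinguishable from the TDO alone.
    $kind = if (& $has $TrustAttr.WithinForest) {
        if ($Partner -like "*.$LocalDomain" -or $LocalDomain -like "*.$Partner") { 'Parent-Child' }
        else { 'Tree-Root or Shortcut' }
    } elseif (& $has $TrustAttr.ForestTransitive) { 'Forest' }
    elseif ($Type -eq 3) { 'Realm' }
    else { 'External' }

    $auth = switch ($kind) {
        'Realm'    { 'Kerberos v5 only' }
        'External' { 'NTLM' }
        default    { 'Kerberos v5 or NTLM' }
    }

    [pscustomobject]@{
        Partner        = $Partner
        Kind           = $kind
        Direction      = $DirectionName[$Direction]
        Transitive     = -not (& $has $TrustAttr.NonTransitive)
        Authentication = $auth
        SelectiveAuth  = (& $has $TrustAttr.CrossOrganization)
        SidFiltering   = (& $has $TrustAttr.Quarantined)
        Flags          = (($TrustAttr.Keys | Where-Object { & $has $TrustAttr[$_] } | Sort-Object) -join ',')
    }
}

function Get-DomainTrust {
    # Enumerates the TDOs of the domain this host is joined to over plain LDAP (no RSAT).
    $nc = [string]([ADSI]'LDAP://RootDSE').defaultNamingContext
    $localDomain = ($nc -replace ',?DC=', '.').TrimStart('.')     # DC=corp,DC=example -> corp.example
    $searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]"LDAP://CN=System,$nc")
    $searcher.Filter = '(objectClass=trustedDomain)'
    $null = $searcher.PropertiesToLoad.AddRange(@('trustPartner','trustDirection','trustType','trustAttributes','securityIdentifier'))
    foreach ($r in $searcher.FindAll()) {
        $p = $r.Properties
        $obj = ConvertFrom-Tdo -Partner $p['trustpartner'][0] -LocalDomain $localDomain `
            -Direction $p['trustdirection'][0] -Type $p['trusttype'][0] -Attributes $p['trustattributes'][0]
        # securityIdentifier is the partner domain's SID: the value SID filtering compares against.
        $sid = if ($p.Contains('securityidentifier')) {
            (New-Object System.Security.Principal.SecurityIdentifier($p['securityidentifier'][0], 0)).Value
        } else { $null }
        $obj | Add-Member -NotePropertyName PartnerSid -NotePropertyValue $sid -PassThru
    }
}

# Constructed sample values (not from a real environment) to exercise the decoder offline:
# a two-way child trust within the forest, then a one-way outbound external trust
# with SID filtering and selective authentication enabled.
ConvertFrom-Tdo -Partner 'dev.corp.example' -LocalDomain 'corp.example' -Direction 3 -Type 2 -Attributes 0x20
ConvertFrom-Tdo -Partner 'partner.example'  -LocalDomain 'corp.example' -Direction 2 -Type 2 -Attributes 0x15
# Live: Get-DomainTrust | Format-Table Partner, Kind, Direction, Transitive, Authentication, SelectiveAuth
```

The first sample decodes to Parent-Child, Two-way, transitive, Kerberos v5 or NTLM; the second to External, Outbound, non-transitive, NTLM, with SelectiveAuth and SidFiltering both true. The same attributes come back already decoded from `Get-ADTrust -Filter *` if the ActiveDirectory module is installed, and `nltest /domain_trusts /all_trusts` shows the Netlogon service's own view of the trust path, which is what the Netlogon slide refers to.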
Thank you
