In the current issue of iX magazine 12/2020 Frank Ully, Chief Technical Officer of Oneconsult Deutschland GmbH, continues the previous article of the series and explains further methods how attackers can use previously collected data to gain higher privileges in the Active Directory.
To escalate their privileges, attackers exploit, among other things, attack points in the Kerberos authentication protocol, misconfigurations in the assignment of privileges and group policies, and members of privileged groups.
Read the fifth article (available in German only) of the multi-part series on Active Directory security to learn more:
- iX 12/2020, S. 92-100: Roasting, Rechte, Richtlinien: Wie Angreifer sich im Active Directory Zugriff verschaffen – Frisch geröstet (PDF)
Click here to view the full 12/2020 issue of iX magazine (available in German only).