From User to Domain Admin: A Step-by-Step Guide on How to Be a Little Evil
Post on 12-Apr-2017
Paula Januszkiewicz
CQURE: CEO, Penetration Tester / Security Expert
CQURE Academy: Trainer
MVP: Enterprise Security, MCT
Contact: paula@cqure.us | http://cqure.us
New York, Dubai, Warsaw
@paulacqure
@CQUREAcademy
Upcoming Workshops:
• 7th – 11th of March – NYC – Hacking and Securing Windows Infrastructure
• 4th – 8th of April – NYC – Hacking and Securing Windows Infrastructure
• 2nd – 6th of May – NYC – Hacking and Securing Windows Infrastructure
Please contact our United States office and mention BeyondTrust!
info@cqure.us
Exclusive discounts for all attendees of today's seminar.
• Offline access allows someone to bypass a system's security mechanisms
• Useful in critical situations
• Almost every object that contains information can be read offline
• It is a minimal privilege for the person with good intentions
• It is a maximum privilege for… everybody else
• Simplified offline access is acceptable if you do not value your information
Potential Attacker Pathways
Services
• When used as a part of software that was not installed in %systemroot% or %programfiles%
• Installed in a folder with inappropriate ACLs
Permissions
• Should be audited
• Should be set up as a part of NTFS, not as a part of shares
BackupRead / BackupWrite
• Copy operation that is more important than ACLs
• Used by backup software
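A baseline audit for the service and permission pathways listed above, added here as an example and not part of the original slides: it lists Windows services whose binary lies outside %systemroot% or %programfiles%, or whose folder grants write-type rights to principals outside an expected set. The expected-writer SID list and the helper name Get-ServiceBinaryPath are assumptions; run it from an elevated PowerShell session so the ACLs can be read.

```powershell
# Added example: baseline audit of service binary locations and folder ACLs.
# Well-known SIDs expected to hold write access (assumption; extend to match your baseline).
$expectedWriters = @(
    'S-1-5-18',       # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-3-0',        # CREATOR OWNER
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)
$trustedRoots = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') + '\' }

# Write-type rights, plus the raw GENERIC_ALL / GENERIC_WRITE bits an ACE may carry.
$rights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeMask = ([int]$rights) -bor 0x10000000 -bor 0x40000000

function Get-ServiceBinaryPath([string]$PathName) {
    # PathName is either quoted, or unquoted with arguments appended.
    if ($PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($PathName -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return ($PathName.Trim() -split '\s+')[0]
}

$findings = foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    if (-not $svc.PathName) { continue }
    $exe = [Environment]::ExpandEnvironmentVariables((Get-ServiceBinaryPath $svc.PathName))
    $outside = -not ($trustedRoots | Where-Object {
        $exe.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })
    $folder = Split-Path -Path $exe -Parent
    $weak = @()
    if ($folder -and (Test-Path -LiteralPath $folder)) {
        # Ask for SIDs instead of account names so the check is locale-independent.
        $sidType = [System.Security.Principal.SecurityIdentifier]
        $weak = @((Get-Acl -LiteralPath $folder).GetAccessRules($true, $true, $sidType) |
            Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                ([int]$_.FileSystemRights -band $writeMask) -and
                $expectedWriters -notcontains $_.IdentityReference.Value
            } | ForEach-Object { $_.IdentityReference.Value } | Sort-Object -Unique)
    }
    if ($outside -or $weak.Count) {
        [pscustomobject]@{
            Service           = $svc.Name
            RunsAs            = $svc.StartName
            Binary            = $exe
            OutsideTrusted    = $outside
            UnexpectedWriters = $weak -join ', '
        }
    }
}
$findings | Sort-Object Service | Format-Table -AutoSize -Wrap
```

Saving the output from a known-good system gives the baseline to compare later runs against.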
Summary
• Learn how to detect malicious situations
• Know your system when it is safe – you need a baseline
• If you detect a successful attack – do not try to fight
• Report the issue
• Investigate or do a penetration test / IT audit
• Estimate the range of the attack
• Know how to recover your data, when necessary
Retina Enterprise Vulnerability Management
Alex DaCosta, Product Manager
[Diagram: The BeyondInsight IT Risk Management Platform]
[Diagram labels: Network Security Scanning; Enterprise Vulnerability Management; Dynamic Web Application Scanning; Cloud-Based Perimeter Scanning; Privileged Password Management; Privilege Management; Auditing & Protection; Active Directory Bridging]
[Diagram labels: Extensive Reporting; Central Data Warehouse; Asset Discovery; Asset Profiling; Asset Smart Groups; User Management; Workflow and Notification; Third-Party Integration; Advanced Threat Analytics]
[Diagram labels: Retina Vulnerability Management Solutions; PowerBroker Privileged Account Management Solutions]
[Diagram labels: Network Infrastructure; Mobile, Virtual and Cloud; Applications & Databases; Servers & Desktops; Active Directory, Exchange, File Sys.]
Demonstration
Poll
Q&A
Thank you.