The Backup Operators Guide to the Galaxy - Dave Mayer Derbycon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

The Backup Operators Guide to the Galaxy
Dave Mayer
Derbycon 2019

Backup Operator accounts are ubiquitous and often overlooked by both blue and red teams. These accounts have abusable permissions and are rarely maintained properly. In this talk we will examine and demonstrate novel techniques to stealthily compromise Active Directory through the Backup Operator's account. We will use the Backup Operator account to gain local Admin privilege, establish persistence, and pivot laterally throughout a domain. However, all is not lost in that we can further lock down our systems and enable auditing measures to deter and detect these attacks.

Dave Mayer is a Senior Security Consultant with InGuardians, specializing in Red Teaming and Penetration Testing. Previously he was on the Red Team for a global financial organization where he performed Red Team engagements, internal and external penetration tests, and product testing. Prior to that he worked within healthcare as an Information Security Generalist.

@dmay3r


    Copyright 2019, IronGeek
    Louisville / Kentuckiana Information Security Enthusiast