2023 Source Zero Con

Pre-Windows 2000 Backdoors and Bypasses

Thursday, June 22  |  11:45 a.m. - 12:30 p.m. ET

In active directory, possession or control of computer accounts facilitate several cases of abuse for red teamers such as persistence, lateral movement, and privilege escalation. With this in mind, defenders have hardened environments to prevent arbitrary creation of machines or to join machines to the domain. This presentation will demonstrate how administrators are mistakenly introducing backdoors into their environments and how red teamers can leverage these backdoors to bypass domain restrictions to perform their malicious actions and potentially add new TTPs to their toolkit.


Garrett Foster