0:39 Whoami 3:59 Microsoft Remote Desktop Services (RDS) Roles 6:47 How to compromised and investigate a RDS infrastructure (Gaining an initial foothold) 21:08 How to compromised and investigate a RDS infrastructure (Breaking out of RDS) 28:04 How to compromised and investigate a RDS infrastructure (Additional compromise) 28:59 How to compromised and investigate a RDS infrastructure (Additional compromise - Demo) 32:27 How to compromised and investigate a RDS infrastructure (Real World Attack Case#1) 35:46 How to compromised and investigate a RDS infrastructure (Real World Attack Case#2) 38:34 How to compromised and investigate a RDS infrastructure (Recommendation)
@udirt8 ай бұрын
I'm at the first cacti issue and already pray things start getting harder over the duration of the talk
@saifnoorprottoy8 ай бұрын
Nice Presentation! We know your company for writing amazing articles (with rigorous technical details) too!!
@Frostyfication9 ай бұрын
Here in Finland Mikko is know as "the rockstar of cyber security". Anyone watching this keynote will immediately see why.
@VilleSarmiola7 ай бұрын
Indeed, Mikko likes to talk and we like to listen Mikko talk about things.
@baolam46169 ай бұрын
00:05 🕵 Introduction to powerful Windows coercion techniques 00:50 🔓 PetitPotam for initial access via encryption service 05:00 🖨 PrinterBug abuses print spooler for foothold 10:07 💥 ADCS attack for instant domain admin access 18:41 📧 Outlook vuln to steal user credentials 20:19 🔌 NTLM relay for privilege escalation 27:06 🗝 Abusing machine accounts for lateral movement 31:30 🎫 Kerberos delegation misconfigs for domain admin 39:56 🔒 Mitigations that can stop these attacks 44:32 🏁 Summary - lethal techniques, implement defenses
@Joe-tw6hk9 ай бұрын
Theems neither the Whitepaper nor the SAP Logs Collector are available at the links shown in the talk.
@beecee7939 ай бұрын
Mikko is amazing and I love most of his talks, but the hype and spookiness over the AI/image gen showed his misunderstanding a bit. It really started to go off the rails a bit there when it comes to sensationalism :/
@Frostyfication9 ай бұрын
The sensationalism has a purpose. The AI alignment problem is real, and it's not being discussed nearly enough. It is not as bad as Mikko made it sound - it's actually worse. Unfortunately most of the AI "experts" are still in the Dunning-Kruger valley in their knowledge, therefore completely underestimating the threat.
@beecee7939 ай бұрын
@@Frostyfication I disagree with you. What he did was wrong and lessened his credibility greatly.
@Frostyfication9 ай бұрын
@@beecee793I'd rather be wrong in this case.
@beecee7939 ай бұрын
@@Frostyfication I'd rather not be wrong in any case.
@j.goerlich32279 ай бұрын
19:12 When comparing to the description given in SAP Note 2216306, one hase to refrain from setting values for which it is stated 'In the case of an RFC logon in the same system with the same user and client, no authorization check is executed.' and additionally the ones which only take effect for some FuBas 'if this is called from SAP GUI' (for other reasons). Knowing this, I end up with the value '2' (obsolete) and '9'. For the value '9' SAP states 'this value scarcely brings about any security improvement in comparison with the value 6.' It seems this statement misses the while internal conversation scenario. SAP should reconsider their recommendation. 47:13 Some month ago, I convinced SAP to make an adjustment in the UCON framework, as it blocked the assignment of certain function modules (mostly of group SRFC) to the SNC_CA. The fix was provided in SAP note 3352382.
@XantheFIN10 ай бұрын
Who gave ChatGPT the money to pay humans for cracking the code?
@gargelblast10 ай бұрын
Maybe helpfull: Main Security Issues Fixed Code Vulnerabilities: The speaker mentions that Nissan had fixed code vulnerabilities that could be exploited. Remote Unlocks: There are vulnerabilities that allow for the remote unlocking of entire vehicle fleets due to flaws in the Series XM head unit operating system. Internal Architecture: The speaker mentions that vehicles have bad internal architecture, making them susceptible to various kinds of attacks. Weak Authentication: The talk discusses the use of weak methods for authentication, such as byte additions and single-digit integer additions for seeds, which can compromise vehicle security. Backdoors: Some systems have backdoors implemented that are outside the scope of requirements, leading to potential security risks. Telematics Unit: Newer vehicles have telematics units for connectivity, which if not properly secured, can act as a starting point for mass exploitation. Poor Design Choices: The speaker mentions that poor design choices, such as direct access to internal buses behind headlights, can lead to devastating results. Bootloaders: The talk discusses vulnerabilities in the bootloader section of ECUs, which can be exploited if not properly secured. Battery Isolator: In electric and fuel cell vehicles, the battery isolator can be exploited to reset the whole vehicle and gain access to boot processes. Regulatory Gaps: The speaker mentions that current regulations, set to come into effect in 2024, may not be sufficient to ensure vehicle cybersecurity. Would you like to delve deeper into any of these points?
@nicolaferri830010 ай бұрын
Turns out the shills were real (fake) the whole time
@SebastianHaasDotDe11 ай бұрын
Passend zur Defcon 😄
@NeverGiveUpYo11 ай бұрын
Nice stuff. Thanks for sharing.
@anirbandas625711 ай бұрын
That’s a great way to look at it.
@ArztvomDienst11 ай бұрын
So, did anyone challange Mikko on the fireball? :D Great keynote, looking forward for the rest of the talks to get uploaded!
@TROOPERScon11 ай бұрын
Yes indeed, quite some people did. However, what Mikko didn't tell (as it's for a good cause of course): He's a pro! ;-)
@makingtechsense126 Жыл бұрын
I'm not even done watching the video but wanted to make sure to leave a comment. THANK YOU, for putting the slides into the video in a readable fashion and not just relying on video footage of the projector screen at the conference.
@serpent213 Жыл бұрын
👍🏻
@petrovasyka8 Жыл бұрын
Does this log injection works on linux based?
@MillionaireJourneys1 Жыл бұрын
Great presentation! Very interesting. Good job.
@danielisaac7586 Жыл бұрын
North Korea also has no crime rate and people don't even dare throw trash on the street or steal things. Why do you guys always bash them? And how is any of this a bad thing?
@SebastianHaasDotDe Жыл бұрын
Sound is fixed at 5:30
@Cyolox Жыл бұрын
👏
@jakub3215 Жыл бұрын
Terrible, terrible sound
@MygenteTV Жыл бұрын
wow this is crazy good work. this class should be in the millions view
@magic8bol Жыл бұрын
Man, she really had to kick my boy Albert while he was down
@idocare6538 Жыл бұрын
Good stuff but why not just say this is for Penetration testing? I like seeing Python and Unix but also PoSH. It is MSFT after all and you left out their best scripting language.
@aakash18in Жыл бұрын
Thank you!
@silkekoltermann1021 Жыл бұрын
Very well done, my son ❤️
@theleafeon8345 Жыл бұрын
I like how it goes from a German accent to “Howdy y’all🤠”
@shubham0d Жыл бұрын
Amazing talk. Need to be more popular. I really appreciate the fact that basics of hypervisor is covered along with security aspects.
@reijin999 Жыл бұрын
proud to say i patch dell iDRAC bmc but ummm everything else is lacking
@gabrielluizbh Жыл бұрын
Link to download pdf offline.
@garymcgraw9181 Жыл бұрын
This was such a fun talk to give. The TROOPERS conference is excellent.
@JohnJohn-sf1df2 жыл бұрын
Love this presentation! Thanks ropnop!
@einsteinalain72 жыл бұрын
Lies all lies
@RonaldBartels2 жыл бұрын
So are VLANs in the DMZ still a holy cow?
@nimaforoughi30082 жыл бұрын
Where is the slideshows file?
@nimaforoughi30082 жыл бұрын
IT WAS AWESOMEEEEEEE!!!!!! I don't know why it has not reached #M likes yet.!!! I Learned a lot, it clarified many of the blurry concepts in Kerberos and LDAP for me. Thank you man, you are amazing.
@icarus16562 жыл бұрын
simply amazing
@sammyelliott092 жыл бұрын
really good information here. much helpful information. thank you for uploading.
@marcellogambetti94582 жыл бұрын
april, first...but no joke here
@marklimbrick2 жыл бұрын
Why can you not hack it into a covert data collection trojan, then return to DPRK?
@notacatiswear28492 жыл бұрын
hello /x/
@visheshsux2 жыл бұрын
man. the world's a weird place.
@Stealthwick3 жыл бұрын
More recent firmware adds rolling encryption - this makes a good case to go ahead and update if you have not yet done so!
@joeblack020519993 жыл бұрын
hello .. is the presentation available?
@Catswhiskerdetector3 жыл бұрын
The screenshot part really weirded me out. Great talk
@jimivie3 жыл бұрын
Information packed talk well done!
@bilmantender58123 жыл бұрын
Wow. That's one neat bag of tricks. Really wonder what graveyard speaking-slot they had to get so little audience feedback (claps).
@kisskaspersi14603 жыл бұрын
h`l gues gооt. the trast to mes to straik. but lama partishen categories to see jpg gaid. dot spectrum to go to jop