Understanding and Attacking Delegations in Active Directory

BSides SATX

Title: Understanding and Attacking Delegations in Active Directory
Presenters: Venkatraman K (@r3dw0lf)
Track: In The Weeds
Time: 0900
Virtual BSides San Antonio 2021
June 12th, San Antonio, Texas
Abstract:
Active Directory is used by more than 90% of Fortune 1000 companies, and the all-pervasive AD is the focal point for adversaries. The Kerberos delegation feature in Active Directory (AD) is a type of impersonation that has been present since AD was introduced in Windows 2000. This paper demonstrates a set of attack scenarios for each type of delegation feature in Active Directory.
This presentation explains the basics of the Kerberos authentication protocol and the delegation feature, with its types and the abuse cases for each type. Delegation types:
1. Unconstrained Delegation
2. Constrained Delegation
3. Resource Based Constrained Delegation
The timeline of the presentation is outlined below:
Basics of Kerberos Authentication Protocol:
1.1 What is Kerberos authentication?
1.2 What are the KDC, TGT and TGS?
1.3 Briefing the authentication flow
Delegation Process:
2.1 What is Delegation?
2.2 Briefing the common authentication flow
2.3 Types of Delegation
Unconstrained Delegation:
3.1 Explaining unconstrained delegation along with authentication flow
3.2 Explaining the configuration perspective in the domain controller
3.3 Demo of Abusing Unconstrained Delegation
Constrained Delegation:
4.1 Explaining constrained delegation along with authentication flow
4.2 Explaining the configuration perspective in the domain controller
4.3 Demo of Abusing Constrained Delegation
Resource Based Constrained Delegation:
5.1 Explaining resource based constrained delegation along with authentication flow
5.2 Explaining the configuration perspective in the domain controller
5.3 Demo of Abusing Resource Based Constrained Delegation
Speaker Bios:
My name is Venkatraman K (I go by the handle r3dw0lf_sec), a passionate Information Security enthusiast from India. I'm currently working as a Security Analyst in a Cyber Security Startup. With over 3 years working in the different subdomains of cyber security, I constantly find myself engaged with learning, reading, discussing info-sec, participating in CTF challenges, conducting workshops and webinars on cybersecurity, participating in bug bounty programs, writing blogs and spending my weekend nights solving Hackthebox challenges. I specialize in Red Teaming and Active Directory exploitation. Follow my blog (r3dw0lfsec.in) for awesome Infosec articles.
