Explore a critical vulnerability in DCOM's remote attack surface that allows privilege escalation from Domain User to Domain Admin in Windows enterprise networks. Delve into the journey of discovering "CertifiedDCOM," covering DCOM internals, the conversion of local attack surfaces to remote ones, and the exploitation process to compromise Active Directory. Learn about the role of AD CS (Active Directory Certificate Service) in this exploit chain and understand how attackers can potentially take over an entire Active Directory with only Domain User privileges. Gain insights into Windows security research, including the "Potato" exploits and Kerberos Relay attacks, while uncovering new possibilities for remote DCOM abuse.
CertifiedDCOM - The Privilege Escalation Journey to Domain Admin with DCOM
Overview
Syllabus
CertifiedDCOM: The Privilege Escalation Journey to Domain Admin with DCOM
Taught by
Black Hat
Related Courses
-
Privilege Escalation with Certify
-
Active Directory Pentesting Full Course - Red Team Hacking
-
The Complete Pentesting and Privilege Escalation Course
-
Advanced Windows Privilege Escalation with Hack The Box
-
10 Years of Windows Privilege Escalation with Potatoes
-
Supporting and Troubleshooting Windows 11 (Live Online)
