Explore advanced red team techniques and strategies in this conference talk from Converge 2017. Delve into topics such as SYSVOL exploitation, unattended file searching, token impersonation, SPN ticketing, and Shellter evasion. Learn about workflow development, prevention methods, and practical applications of these techniques. Gain insights into the red team perspective and understand how to enhance your organization's security posture through this comprehensive presentation.
Overview
Syllabus
Intro
Disclaimer
Red Team Overview
Presentation Goals
Assumptions
Workflow Development Equation
SYSVOL Exploitation
SYSVOL Exploit Prevention
Unattended File Searching
Token Impersonation
Get Tokens
Impersonate Tokens
SPN Ticketing
Requesting SPN Tickets
Cracking SPN Tickets
Shellter Evasion
Shellter Payload Delivery
Hail Mary
Summary