Malicious Use of Microsoft Local Administrator Password Solution

Explore a conference talk from Hack.lu 2017 focusing on the malicious exploitation of Microsoft's Local Administrator Password Solution (LAPS). Delve into the research conducted by Maxime Clementz and Antoine Goichot, who uncovered methods to gain unauthorized access to local administrator credentials and manipulate password generation in post-exploitation scenarios. Learn about the potential privilege escalation risks associated with certain LAPS deployment methods. Witness live demonstrations of these attack scenarios and gain insights into LAPS' inner workings. Understand the researchers' interactions with the Microsoft Security Response Center regarding their findings. Benefit from the expertise of two experienced cybersecurity professionals from PwC Luxembourg as they share their latest vulnerability research and security insights.