So I Became a Domain Controller

Explore a conference talk from Black Hat that delves into the exploitation of Active Directory replication protocols. Learn how SAMBA's implementation of these protocols, while long-standing, was challenging to abuse, particularly on Windows operating systems. Discover the breakthrough achieved by the lsadump::DCSync feature in mimikatz, which enabled red teamers to extract crucial secrets for Kerberos token abuse and even impersonate domain controllers. Gain insights into how this technique provides read access to the AD database, potentially compromising network security. Presented by Benjamin Delpy and Vincent Le Toux, this 42-minute session offers valuable knowledge for cybersecurity professionals and enthusiasts interested in understanding and defending against advanced Active Directory attacks.