Explore the potential of exploiting the Windows Mobile Device Management (MDM) client stack to create an agentless Command and Control (C2) system in this 39-minute Black Hat conference talk. Dive deep into the MDM infrastructure, uncovering new vulnerabilities and their potential for abuse. Gain insights into the Windows MDM client architecture, focusing on the MDM Enrollment and MDM Management protocols. Learn how MDM, as a modern alternative to Group Policy Objects (GPO), enables extensive device management capabilities. Presented by Marcos Oviedo and Zach Wasserman, this talk offers a comprehensive analysis of Windows MDM security implications and potential attack vectors.
Windows Agentless C2 - Abusing the MDM Client Stack
Overview
Syllabus
Windows Agentless C2: (Ab)using the MDM Client Stack
Taught by
Black Hat
Related Courses
-
Windows Agentless C2 - Abusing the MDM Client Stack
-
A Deep Dive into macOS MDM - and How it Can Be Compromised
-
Infecting the Enterprise - Abusing Office365 + Powershell for Covert C2
-
Flying a False Flag - Advanced C2, Trust Conflicts, and Domain Takeover
-
A Practical Attack Against MDM Solutions
-
Practical Attacks Against MDM Solutions
