Explore the potential of exploiting the Windows Mobile Device Management (MDM) client stack to create an agentless Command and Control (C2) system in this 39-minute Black Hat conference talk. Dive deep into the MDM infrastructure, uncovering new vulnerabilities and their potential for abuse. Gain insights into the Windows MDM client architecture, focusing on the MDM Enrollment and MDM Management protocols. Learn how MDM, as a modern alternative to Group Policy Objects (GPO), enables extensive device management capabilities. Presented by Marcos Oviedo and Zach Wasserman, this talk offers a comprehensive analysis of Windows MDM security implications and potential attack vectors.
Overview
Syllabus
Windows Agentless C2: (Ab)using the MDM Client Stack
Taught by
Black Hat