Abstract

In this talk we will learn about how AADConnect Password Hash Sync works and how to abuse the privileges of the user accounts created by AADConnect to Escalate the Privileges in Cloud and On-Prem environment.

Speaker

Chirag Savla

Chirag Savla is a Cyber Security professional with 9+ years of experience. His areas of interest include penetration testing, red teaming, azure and active directory security, and post-exploitation research. He prefers to create open-source tools and explore new attack methodologies in his leisure. He has worked extensively on Azure, Active Directory attacks, defense, and bypassing detection mechanisms. He is an author of multiple Open Source tools such as Process Injection, Callidus, etc. He has presented at multiple conferences and local meetups and has trained people in international conferences like Blackhat, BSides Milano, Wild West Hackin’ Fest.
He blogs at https://3xpl01tc0d3r.blogspot.com
Twitter: @chiragsavla94
Github: https://github.com/3xpl01tc0d3r

Timing

Starts at Saturday February 10 2024, 12:30 PM. The sessions runs for about 1 hour.

Resources