From User to Domain Controller: A Journey through the Critical ADCS Vulnerability in Active Directory null Bangalore Meet 15 July 2023 Null/Owasp Combined Meetup
Abstract
Join me for a captivating and enlightening deep-dive live demo as we explore CVE-2022-26923, a critical vulnerability that threatens the security of Active Directory. In this talk, I will take you on an intriguing journey through the intricacies of this vulnerability, showcasing the potential risks it poses, from user compromise to domain controller infiltration.
As an integral component of many organizations' IT infrastructures, Active Directory plays a crucial role in managing user authentication, access control, and other vital functions. However, the presence of vulnerabilities, such as CVE-2022-26923, exposes businesses to severe threat.
During this session, I will demonstrate the step-by-step exploitation process, offering valuable insights into the attacker's mindset and techniques employed. Through our live demo, you will witness firsthand how a seemingly innocent user can escalate privileges, bypass security measures, and gain control over a domain controller, potentially wreaking havoc within your organization's network.
Although the subject matter may initially seem complex, I have designed this talk to be accessible to beginners while still providing valuable information for intermediate-level attendees like yourself. My aim is to empower you with actionable knowledge to enhance your organization's cybersecurity defenses and mitigate the risks associated with this critical ADCS vulnerability.
Don't miss this opportunity to gain a comprehensive understanding of CVE-2022-26923. Join me for this informative and eye-opening session that will leave you better equipped to protect your organization's most valuable assets. Together, we can fortify our defenses against this critical ADCS vulnerability.
Speaker
Timing
Starts at Saturday July 15 2023, 12:10 PM. The sessions runs for about 1 hour.