An Ace up the Sleeve: Designing Active Directory DACL Backdoors

by Andy Robbins, Will Schroeder
Sept. 12, 2017 1 comment attacking attackers

Active Directory (AD) object discretionary access control lists (DACLs) are an untapped offensive landscape, often overlooked by attackers and defenders alike. The control relationships between AD objects align perfectly with the "attackers think in graphs" philosophy and expose an entire class of previously unseen control edges, dramatically expanding the number of paths to complete domain compromise.

Steven Ulm 9 months ago

Hard to read. Sounds a bit like click bait to me... honestly