UA
Uploaded byUtkarsh Agrawal
PDF, PPTX166 views

Active directory 101

Active Directory is a centralized directory service that stores objects like users, groups, computers, and policies. It provides security and simplifies administration. Groups contain users/computers and help apply policies. Group policies centrally manage settings. Organizational units logically organize objects and delegate administration. Trusts allow access between domains. From an attacker's perspective, they would get an initial foothold, enumerate privileged accounts and permissions, and exploit any misconfigurations to escalate privileges like taking over accounts. They could also use trusts to access other domains.

Embed presentation

Download as PDF, PPTX
Active Directory 101
Contents ● What is Active directory ● Groups & Group Policy ● Organizational Unit (OU) ● Trusts in Active Directory ● Active Directory Attacker’s Perspective
Active Directory ● Microsoft technology ● Centralized way to store objects ● Objects includes Users, Computers, Groups and Group Policies ● Objects stored in Hierarchical Structure ● DNS, LDAP, Kerberos ● Allows to create Groups, Group policies, OUs ● Provides security, simplifies the admin burden
Why Active Directory? Security: It ensures that no one else except allowed people can access the resource. Centralization: It stores all the resource in one place. Delegation: It allows the delegation of the admin permission to other sites.
Groups and Group Policies Groups:- ● Collection of users, computers is known as Groups ● Helpful for applying task to multiple users at one time. HR Department Prod Department GROUP FM Department Creating a Group Giving access to that Group Access Complete
Groups and Group Policies Group Policies:- ● Centralised settings ● Settings can be of anything. ● Applied on Organizational Unit (OU) ● Provides security ● GUID in Policies folder ● Replicate in every 90 mins.
Organizational Units ● Organizational Units or OUs are containers which holds Groups, Computers, Users. ● Helps in GPO ● Helps in Administrative Delegation domainA SubDivision:DomainA Organizational Unit Create OU Full Control
Trusts The main objective of Trusts is provides access to across the different entities domainA.com domainB.com sub.child.domainA.com child.domainA.com sub.child.domainB.com child.domainB.com Want to Access Resource
Trusts There are different types of trusts through which active directory helps to access those resources. ● Parent Child Trust ● Shortcut Trust ● Tree Trust ● Forest Trust ● External Trust ● Realm Trust
Trusts Direction One Way Trust Direction Trusting Domain [domainA.com] Trusted Domain [domainB.com] Direction Of Trust Direction Of Access
Trusts Direction Two Way Trust Direction Trusting Domain & Vice Versa Trusted Domain & Vice Versa
Active Directory From Attacker’s Perspective Methodology can be:- ● Getting Initial Footprint into the Organisation ● Enumerating Privileged accounts/Accounts live in Domain Admins, etc ● Identify any weak permissions ● Enumerating and Exploiting.
Active Directory From Attacker’s Perspective Enumerating Privileged Accounts Privileged accounts live in Domain Admins, Enterprise Admins, etc PowerView Get-NetGroupMember Will help to get the results.
Active Directory From Attacker’s Perspective Enumerating Account Information
Active Directory From Attacker’s Perspective Enumerating Accounts with same Email 1 2
Active Directory From Attacker’s Perspective Enumerating ACLS in AD ACLs helps to determine the Permissions of the Objects. Exploiting those results in Privilege Escalations. demop Victim (Higher Priv) Reset Password Permission Attacker Controlled User Attacker hijacks the victim user account
Active Directory From Attacker’s Perspective Enumerating ACLs in AD (In Case of without Misconfiguration)
Active Directory From Attacker’s Perspective Enumerating ACLs in AD Vulnerable ACL “Enumerated ACL by attacker”
Active Directory From Attacker’s Perspective Exploiting ACLs in AD (In case of Misconfiguration, leads to Account TakeOver)
Active Directory From Attacker’s Perspective Exploiting Trusts ● Enumerating Trust (Powerview cmdlet would help) ● Enumerating Privileged Users across entity. ● Enumerating any weak ACLs, Misconfiguration, etc. ● Exploit them
Active Directory From Attacker’s Perspective Exploiting Trusts Domain A Domain B Normal User Admin User
Thank you

More Related Content

PPTX
Active Directory Domain Services.pptx
bysyedasadraza13
 
PDF
Microsoft Azure Active Directory
byDavid J Rosenthal
 
PPT
Active directory domain services
byIGZ Software house
 
PPT
Active directory slides
byTimothy Moffatt
 
PPTX
Aws storage
byChandan Ganguly
 
PPTX
Introduction to Active Directory
bythoms1i
 
PPTX
What is active directory
byAdeel Khurram
 
PPTX
Single sign on - SSO
byAjit Dadresa
 
Active Directory Domain Services.pptx
bysyedasadraza13
 
Microsoft Azure Active Directory
byDavid J Rosenthal
 
Active directory domain services
byIGZ Software house
 
Active directory slides
byTimothy Moffatt
 
Aws storage
byChandan Ganguly
 
Introduction to Active Directory
bythoms1i
 
What is active directory
byAdeel Khurram
 
Single sign on - SSO
byAjit Dadresa
 

What's hot

PPT
active-directory-domain-services
by202066
 
PPT
Active Directory Services
byVarun Arora
 
PDF
Single Sign On - The Basics
byIshan A B Ambanwela
 
PDF
Mastering Active Directory_ Design, deploy, and protect Active Directory Doma...
byYogeshwaran R
 
PDF
Single sign on using SAML
byProgramming Talents
 
PPT
Active directory
bydeshvikas
 
PDF
Install active directory on windows server 2016 step by step
byAhmed Abdelwahed
 
PPTX
Group policy Best Practices
byRob Dunn
 
PPTX
Introduction_of_ADDS
byHarsh Sethi
 
PPT
Active Directory Training
byNishad Sukumaran
 
PDF
Introduction to SAML 2.0
byMika Koivisto
 
PPTX
Active directory introduction
byTimothy Moffatt
 
PPTX
Azure key vault
byRahul Nath
 
PPTX
System hardening - OS and Application
byedavid2685
 
PDF
Microsoft Office 365 Advanced Threat Protection
byDavid J Rosenthal
 
PDF
REST API Pentester's perspective
bySecuRing
 
PDF
Azure Security Overview
byDavid J Rosenthal
 
PPTX
AWS Storage - S3 Fundamentals
byPiyush Agrawal
 
PPTX
OWASP Top 10 2021 Presentation (Jul 2022)
byTzahiArabov
 
PPTX
Azure active directory
byRaju Kumar
 
active-directory-domain-services
by202066
 
Active Directory Services
byVarun Arora
 
Single Sign On - The Basics
byIshan A B Ambanwela
 
Mastering Active Directory_ Design, deploy, and protect Active Directory Doma...
byYogeshwaran R
 
Single sign on using SAML
byProgramming Talents
 
Active directory
bydeshvikas
 
Install active directory on windows server 2016 step by step
byAhmed Abdelwahed
 
Group policy Best Practices
byRob Dunn
 
Introduction_of_ADDS
byHarsh Sethi
 
Active Directory Training
byNishad Sukumaran
 
Introduction to SAML 2.0
byMika Koivisto
 
Active directory introduction
byTimothy Moffatt
 
Azure key vault
byRahul Nath
 
System hardening - OS and Application
byedavid2685
 
Microsoft Office 365 Advanced Threat Protection
byDavid J Rosenthal
 
REST API Pentester's perspective
bySecuRing
 
Azure Security Overview
byDavid J Rosenthal
 
AWS Storage - S3 Fundamentals
byPiyush Agrawal
 
OWASP Top 10 2021 Presentation (Jul 2022)
byTzahiArabov
 
Azure active directory
byRaju Kumar
 

Similar to Active directory 101

PPTX
Microsoft Offical Course 20410C_03
bygameaxt
 
PPT
Microsoft Active Directory
bythebigredhemi
 
PPTX
Authorization and Authentication.pptx
bykarthikvcyber
 
PPTX
Module 3- Managing Active Directory Domain Service Objects .pptx
byHassanAhmadAbubakar1
 
PDF
Authentication.pdf
bykarthikvcyber
 
PDF
IRJET- Research Paper on Active Directory
byIRJET Journal
 
PPTX
Hunt for Domain Controller : Active Directory Pentesting Session
byhacknpentest
 
PPT
Active directory installation windows 2003 1
bytameemyousaf
 
PPTX
Activedirecotryfundamentals
byShekhar Singh
 
PPTX
Trusts You Might Have Missed
byWill Schroeder
 
PPT
Active directory - an introduction
bypepoluan
 
PPT
Introduction_to_ActiveDirectory___AD.ppt
byDavid Jordan Velth
 
PDF
AD-Design Deploying.pdf
byYogeshwaran R
 
PPT
1-Active Directory System and Application.ppt
bySrikanthKama2
 
PPTX
Building active directory lab for red teaming
byn|u - The Open Security Community
 
PPTX
Windows Server 2012 Managing Active Directory Domain
byNapoleon NV
 
PPTX
Topics on computer hardware and networking for faculties
byraje63
 
PPT
Introduction_to_Active_Directory and Windows Server
bynavneetyohaya
 
PDF
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
byKhadijaTahir29
 
PPTX
7 tips to simplify Active Directory Management ​
byZoho Corporation
 
Microsoft Offical Course 20410C_03
bygameaxt
 
Microsoft Active Directory
bythebigredhemi
 
Authorization and Authentication.pptx
bykarthikvcyber
 
Module 3- Managing Active Directory Domain Service Objects .pptx
byHassanAhmadAbubakar1
 
Authentication.pdf
bykarthikvcyber
 
IRJET- Research Paper on Active Directory
byIRJET Journal
 
Hunt for Domain Controller : Active Directory Pentesting Session
byhacknpentest
 
Active directory installation windows 2003 1
bytameemyousaf
 
Activedirecotryfundamentals
byShekhar Singh
 
Trusts You Might Have Missed
byWill Schroeder
 
Active directory - an introduction
bypepoluan
 
Introduction_to_ActiveDirectory___AD.ppt
byDavid Jordan Velth
 
AD-Design Deploying.pdf
byYogeshwaran R
 
1-Active Directory System and Application.ppt
bySrikanthKama2
 
Building active directory lab for red teaming
byn|u - The Open Security Community
 
Windows Server 2012 Managing Active Directory Domain
byNapoleon NV
 
Topics on computer hardware and networking for faculties
byraje63
 
Introduction_to_Active_Directory and Windows Server
bynavneetyohaya
 
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
byKhadijaTahir29
 
7 tips to simplify Active Directory Management ​
byZoho Corporation
 

Recently uploaded

PDF
Judgement Regarding Land Acquisition Act not Applicable to Encroachers.pdf
byssuser9d8e4e
 
PPTX
Overview of How to set priority in Odoo 19 Todo
byCeline George
 
PPTX
Renal Physiology- Functional anatomy of Kidney.pptx
byDisha Soriya
 
PDF
How "Raiders of the Lost Ark" and "Ordinary People" Employ Non-Verbal Acting
by6x5csns4pn
 
PPTX
Greengnorance Toolkit Module 6 Water Resources
byKarl Donert
 
PPTX
How to Create_Generate Engineering Change Orders ECOs in Odoo 18
byCeline George
 
PPTX
PRE TERM LABOR ( PREMATURE LABOUR IN PREGNANCY)
byMuthu Kumar
 
PPTX
How to Add an Icon in Systray in Odoo 18
byCeline George
 
PDF
java full stack programming and interview questions
byrajuashokit
 
PPTX
Q4_PPT MUSIC & ARTS 7 week 1-2, matatag curriculum
byZEN
 
PDF
Chapter 05 Drugs Acting on the Central Nervous System: Anti-Depressant Drugs
bySandeshSul
 
PDF
Tetracycline Class of Antibiotics: SAR, MOA and Uses
bymominzarinamdnajeeb
 
PPTX
Methods & Applications of Enzyme Immobilization Technique.pptx
byAnupkumar Sharma
 
PPTX
ELIMINATION NEEDS Fundamentals of Nursing .pptx
bySonali Gupta
 
PDF
Holm Community Heritage at St Nicholas Kirk - 2025 AGM Minutes (30.04.2025)
byAntoine Pietri
 
PPTX
WEEK 2 (2).pptx TLE COOKERY 10 QUARTER 4
byResynFayeCortez2
 
PPTX
Renal Physiology- Juxtaglomerular Apparatus.pptx
byDisha Soriya
 
PPTX
Problem and Solution (PowerPoint Game Template)
byacpaulite
 
PPTX
How to perform product search based on a custom field from the Website Shop p...
byCeline George
 
PPTX
How to Change Shipping Label Size in Odoo 18 Inventory
byCeline George
 
Judgement Regarding Land Acquisition Act not Applicable to Encroachers.pdf
byssuser9d8e4e
 
Overview of How to set priority in Odoo 19 Todo
byCeline George
 
Renal Physiology- Functional anatomy of Kidney.pptx
byDisha Soriya
 
How "Raiders of the Lost Ark" and "Ordinary People" Employ Non-Verbal Acting
by6x5csns4pn
 
Greengnorance Toolkit Module 6 Water Resources
byKarl Donert
 
How to Create_Generate Engineering Change Orders ECOs in Odoo 18
byCeline George
 
PRE TERM LABOR ( PREMATURE LABOUR IN PREGNANCY)
byMuthu Kumar
 
How to Add an Icon in Systray in Odoo 18
byCeline George
 
java full stack programming and interview questions
byrajuashokit
 
Q4_PPT MUSIC & ARTS 7 week 1-2, matatag curriculum
byZEN
 
Chapter 05 Drugs Acting on the Central Nervous System: Anti-Depressant Drugs
bySandeshSul
 
Tetracycline Class of Antibiotics: SAR, MOA and Uses
bymominzarinamdnajeeb
 
Methods & Applications of Enzyme Immobilization Technique.pptx
byAnupkumar Sharma
 
ELIMINATION NEEDS Fundamentals of Nursing .pptx
bySonali Gupta
 
Holm Community Heritage at St Nicholas Kirk - 2025 AGM Minutes (30.04.2025)
byAntoine Pietri
 
WEEK 2 (2).pptx TLE COOKERY 10 QUARTER 4
byResynFayeCortez2
 
Renal Physiology- Juxtaglomerular Apparatus.pptx
byDisha Soriya
 
Problem and Solution (PowerPoint Game Template)
byacpaulite
 
How to perform product search based on a custom field from the Website Shop p...
byCeline George
 
How to Change Shipping Label Size in Odoo 18 Inventory
byCeline George
 

Active directory 101

  • 1.
  • 2.
    Contents ● What isActive directory ● Groups & Group Policy ● Organizational Unit (OU) ● Trusts in Active Directory ● Active Directory Attacker’s Perspective
  • 3.
    Active Directory ● Microsofttechnology ● Centralized way to store objects ● Objects includes Users, Computers, Groups and Group Policies ● Objects stored in Hierarchical Structure ● DNS, LDAP, Kerberos ● Allows to create Groups, Group policies, OUs ● Provides security, simplifies the admin burden
  • 4.
    Why Active Directory? Security:It ensures that no one else except allowed people can access the resource. Centralization: It stores all the resource in one place. Delegation: It allows the delegation of the admin permission to other sites.
  • 5.
    Groups and GroupPolicies Groups:- ● Collection of users, computers is known as Groups ● Helpful for applying task to multiple users at one time. HR Department Prod Department GROUP FM Department Creating a Group Giving access to that Group Access Complete
  • 6.
    Groups and GroupPolicies Group Policies:- ● Centralised settings ● Settings can be of anything. ● Applied on Organizational Unit (OU) ● Provides security ● GUID in Policies folder ● Replicate in every 90 mins.
  • 7.
    Organizational Units ● OrganizationalUnits or OUs are containers which holds Groups, Computers, Users. ● Helps in GPO ● Helps in Administrative Delegation domainA SubDivision:DomainA Organizational Unit Create OU Full Control
  • 8.
    Trusts The main objectiveof Trusts is provides access to across the different entities domainA.com domainB.com sub.child.domainA.com child.domainA.com sub.child.domainB.com child.domainB.com Want to Access Resource
  • 9.
    Trusts There are differenttypes of trusts through which active directory helps to access those resources. ● Parent Child Trust ● Shortcut Trust ● Tree Trust ● Forest Trust ● External Trust ● Realm Trust
  • 10.
    Trusts Direction One WayTrust Direction Trusting Domain [domainA.com] Trusted Domain [domainB.com] Direction Of Trust Direction Of Access
  • 11.
    Trusts Direction Two WayTrust Direction Trusting Domain & Vice Versa Trusted Domain & Vice Versa
  • 12.
    Active Directory FromAttacker’s Perspective Methodology can be:- ● Getting Initial Footprint into the Organisation ● Enumerating Privileged accounts/Accounts live in Domain Admins, etc ● Identify any weak permissions ● Enumerating and Exploiting.
  • 13.
    Active Directory FromAttacker’s Perspective Enumerating Privileged Accounts Privileged accounts live in Domain Admins, Enterprise Admins, etc PowerView Get-NetGroupMember Will help to get the results.
  • 14.
    Active Directory FromAttacker’s Perspective Enumerating Account Information
  • 15.
    Active Directory FromAttacker’s Perspective Enumerating Accounts with same Email 1 2
  • 16.
    Active Directory FromAttacker’s Perspective Enumerating ACLS in AD ACLs helps to determine the Permissions of the Objects. Exploiting those results in Privilege Escalations. demop Victim (Higher Priv) Reset Password Permission Attacker Controlled User Attacker hijacks the victim user account
  • 17.
    Active Directory FromAttacker’s Perspective Enumerating ACLs in AD (In Case of without Misconfiguration)
  • 18.
    Active Directory FromAttacker’s Perspective Enumerating ACLs in AD Vulnerable ACL “Enumerated ACL by attacker”
  • 19.
    Active Directory FromAttacker’s Perspective Exploiting ACLs in AD (In case of Misconfiguration, leads to Account TakeOver)
  • 20.
    Active Directory FromAttacker’s Perspective Exploiting Trusts ● Enumerating Trust (Powerview cmdlet would help) ● Enumerating Privileged Users across entity. ● Enumerating any weak ACLs, Misconfiguration, etc. ● Exploit them
  • 21.
    Active Directory FromAttacker’s Perspective Exploiting Trusts Domain A Domain B Normal User Admin User
  • 22.