1. Authenticated Code Execution by Design
Or Making Zen and the Art of How I Learned to Stop Worrying and Love the Password for Fun and Profit Great Again
35. DCOM objects
MMC20.Application DCOM
● MMC snapin object thingy
● Has an ExecuteShellCommand() method
Excel.Application
● Has a Run() method that runs macros
46. Splunk
Plugin system is straightforward code execution
• Python or anything that runs on Linux
Supports PAM, RADIUS, LDAP for auth
• But the free version doesn’t support auth at all
• More unACEbD
57. Bob in Finance shouldn’t log into production servers
Sally in Engineering shouldn’t log into Finance systems
No one should ever log into 100 systems in 5 seconds
Audit Logins
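
The three rules on this slide, written as a login audit. This is an added example, not part of the original deck; the log line format, the department-to-system policy table and the sample accounts are assumptions made up for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical policy: department -> system groups its staff may log into.
ALLOWED = {"finance": {"finance"}, "engineering": {"engineering", "production"}}

def parse(line):
    """Parse one constructed log line: '<ISO time> <user> <dept> <host> <group>'."""
    ts, user, dept, host, group = line.split()
    return datetime.fromisoformat(ts), user, dept, host, group

def audit(lines, max_hosts=100, window=timedelta(seconds=5)):
    """Return (policy_violations, fanout_users) for a list of login events."""
    violations, fanout = [], set()
    recent = defaultdict(deque)  # user -> (time, host) pairs still inside the window
    for ts, user, dept, host, group in sorted(map(parse, lines)):
        if group not in ALLOWED.get(dept, set()):
            violations.append((user, host))  # wrong department for this system
        q = recent[user]
        q.append((ts, host))
        while ts - q[0][0] > window:  # expire logins older than the window
            q.popleft()
        if len({h for _, h in q}) >= max_hosts:
            fanout.add(user)  # too many distinct systems, too fast
    return violations, fanout

def sample_events():
    """Constructed sample data, not taken from any real environment."""
    start = datetime(2024, 1, 1, 9, 0, 0)
    lines = [
        "2024-01-01T08:00:00 bob finance prod-db01 production",
        "2024-01-01T08:05:00 sally engineering fin-ledger01 finance",
        "2024-01-01T08:10:00 sally engineering prod-web01 production",
    ]
    for i in range(100):
        fast = start + timedelta(milliseconds=40 * i)  # 100 hosts in about 4 s
        slow = start + timedelta(seconds=i)            # 100 hosts over 100 s
        lines.append(f"{fast.isoformat()} svc_deploy engineering prod-{i:03d} production")
        lines.append(f"{slow.isoformat()} alice engineering prod-{i:03d} production")
    return lines

if __name__ == "__main__":
    violations, fanout = audit(sample_events())
    print("policy violations:", violations)
    print("100 systems in 5 seconds:", sorted(fanout))
```

The account that reaches the same 100 hosts over 100 seconds is not flagged, which is why the window has to slide per user rather than count logins per day.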