<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div></div><div>Dave,</div><div>Active Directory has long been my favorite target because of the power a Domain Admin wields combined with the odds and ends that get integrated means any bug can be devastating</div><div><br></div><div>The "cloud" has been making vast inroads in Enterprise customer bases. I find companies that have started post 2010 that are large enough to require pen tests favor the out sourced infrastructure. </div><div><br></div><div>Alas AD is becoming less important and Microsoft might come out ahead on the technical debt because the pushed the can down the road far enough to where they are no longer as important. </div><div><br></div><div>DaveM </div><div><br></div><div><br>On Sep 10, 2015, at 13:17, Dave Aitel <<a href="mailto:dave@immunityinc.com">dave@immunityinc.com</a>> wrote:<br><br></div><blockquote type="cite"><div>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<i>Yagate shinu</i><i><br>
</i><i> Keshiki wa miezu</i><i><br>
</i><i> Semi no koe</i><i><br>
- Basho<br>
</i><br>
I updated my SILICA this morning while making pancakes for the kids,
as you do, and of course, all around me looked about with new eyes.
I have a new mesh network that a friend installed in my house and
it's interesting to see what it looks like to a wireless hacker. If
you haven't seen the new SILICA video it is here:
<a class="moz-txt-link-freetext" href="https://vimeo.com/136964755">https://vimeo.com/136964755</a><br>
<br>
There's this sense that hackers get which is divorced from what is
in Wired or Business Insider or BlackHat which is "Works in the
Wild". It's a palpable thing, that sets priorities like a hot oil
such that you can tell who has "Gone Active", as they say, from
their recoiling from various technologies. One technology that is
currently on the hot plate is Active Directory. You can see from
talks even at DefCon that people are looking at WMI as a persistence
mechanism in the wild. And the Microsoft talk from INFILTRATE 2014
went over a whole methodology for attacking Active Directory
networks that dragged public discussion of the techniques into the
modern age. For decades AD has been a disaster from a security
perspective - by design - and now all that technical debt is coming
due like a storm of cicadas chirping their last song.<br>
<br>
-dave<br>
<br>
<br>
<br>
<br>
<br>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Dailydave mailing list</span><br><span><a href="mailto:Dailydave@lists.immunityinc.com">Dailydave@lists.immunityinc.com</a></span><br><span><a href="https://lists.immunityinc.com/mailman/listinfo/dailydave">https://lists.immunityinc.com/mailman/listinfo/dailydave</a></span><br></div></blockquote></body></html>