BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: A Broken Marriage: Abusing Mixed Vendor Kerberos Sta
 cks\n   When: Saturday\, Aug 12\, 16:00 - 16:20 PDT\n   Where: Caesars For
 um - Academy - 407-410 - Track 4 - [1]Map\n\n   SpeakerBio:Ceri Coburn \, 
 Red Team Operator & Offensive Security Dev at\n   Pen Test Partners\n   Af
 ter a 20 career within the software development space\, Ceri was\n   looki
 ng for a new challenge and moved into pen testing back in 2019.\n   During
  that time he has created and contributed to several open source\n   offen
 sive tools such as Rubeus\, BOFNET and SweetPotato and on the odd\n   occa
 sion contributed to projects on the defensive side too. He current\n   wor
 ks as a red team operator and offensive security dev at Pen Test\n   Partn
 ers.\n   Twitter: [2]@_EthicalChaos_\n\n   Description:\n   The Windows Ac
 tive Directory authority and the MIT/Heimdal Kerberos\n   stacks found on 
 Linux/Unix based hosts often coexist in harmony within\n   the same Kerber
 os realm. This talk and tool demonstration will show\n   how this marriage
  is a match made in hell. Microsoft's Kerberos stack\n   relies on non sta
 ndard data to identify it's users. MIT/Heimdal\n   Kerberos stacks do not 
 support this non standard way of identifying\n   users. We will look at ho
 w Active Directory configuration weaknesses\n   can be abused to escalate 
 privileges on *inux based hosts joined to\n   the same Active Directory au
 thority. This will also introduce an\n   updated version of Rubeus to take
  advantage of some of these\n   weaknesses.\n\n   REFERENCES\n         * [
 3]https://techcommunity.microsoft.com/t5/security-compliance-and-identity/
 sam-name-impersonation/ba-p/3042699\n         * [4]https://www.catalyst.ne
 t.nz/blog/stay-curious-dollar-ticket-security-issue\n         * [5]https:/
 /exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html\n         * [
 6]https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/64
 35d3fb-8cf6-4df5-a156-1277690ed59c\n\n   '\n\n   1. #CaesarsAcademyBR\n   
 2. https://twitter.com/_EthicalChaos_\n   3. https://techcommunity.microso
 ft.com/t5/security-compliance-and-identity/sam-name-impersonation/ba-p/304
 2699\n   4. https://www.catalyst.net.nz/blog/stay-curious-dollar-ticket-se
 curity-issue\n   5. https://exploit.ph/cve-2021-42287-cve-2021-42278-weapo
 nisation.html\n   6. https://learn.microsoft.com/en-us/openspecs/windows_p
 rotocols/ms-kile/6435d3fb-8cf6-4df5-a156-1277690ed59c\n\n\n
DTEND:20230812T232000Z
DTSTART:20230812T230000Z
LOCATION:DC - Caesars Forum - Academy - 407-410 - Track 4
SUMMARY:A Broken Marriage: Abusing Mixed Vendor Kerberos Stacks
END:VEVENT
END:VCALENDAR