BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Spooky authentication at a distance\n When: Saturd ay\, Aug 12\, 15:00 - 15:45 PDT\n Where: Caesars Forum - Forum - 109-119 \, 138-139 - Track 2 - [1]Map\n\n SpeakerBio:Tamas "SkelSec" Jos \, Prin cipal Security Consultant at\n Sec-Consult AG\n Tamas Jos (@skelsec) i s a principal security consultant at SEC Consult\n (Schwiez) AG. He has worked within the information security industry\n for over 10 years\, fo cusing mainly on reversing topics across many\n industries around the gl obe. He has an in-depth technical appreciation\n of Windows security\, w hich heavily influences his research. This often\n takes him down many l ow level rabbit holes\, leading to the creation\n and maintenance of wel l-received open-source projects\, such as\n pypykatz & OctoPwn.\n\n Yo u can find Tamas’ musings on his blog at [2]https://github.com/skelsec/\ n\n Twitter: [3]@skelsec\n\n Description:\n Spooky authentication at a distance outlines a new and innovative\n post-exploitation technique to proxy common authentication protocols\n used in Windows environments remotely and with no elevated privileges\n required. This allows securit y professionals to perform complete\n impersonation of the target user o n their own machine without\n executing any further code on the target m achine besides the agent\n itself. This talk will also demonstrate the a pplicability of this new\n technique by performing no-interaction\, full domain takeover using a\n malicious peripheral in a simulated restricte d environment.\n\n REFERENCES\n Tools which will be showed in th e demos: [AioSMB] [4]https://github.com/skelsec/aiosmb\n [MSLDAP] [5]https://github.com/skelsec/msldap [WSNet] [6]https://github.com/skelsec /wsnet\n [OctoPwn] [7]https://community.octopwn.com [Asyauth] [8]h ttps://github.com/skelsec/asyauth\n [Aardwolf] [9]https://github.c om/skelsec/aardwolf\n\n My previous talk on [OctoPwn] the in-browser pen test suite can be\n found here: [10]https://youtu.be/jStdrDHTmD4​\n\n Related tools:\n [PYODIDE] Octopwn uses Pyodide framework to run in th e browser. [11]https://github.com/pyodide/pyodide\n [LDAP3] The MSLDAP p roject used code parts from this project. [12]https://ldap3.readthedocs.io /en/latest/\n [RDPY] The Aardwolf RDP clinet is based on this tool. [13] https://github.com/citronneur/rdpy\n [BLOODHOUND] Jackdaw was based on t his tool. [14]https://github.com/BloodHoundAD/BloodHound\n [IMPACKET] ai oSMB libraries were based partially on this tool. [15]https://github.com/f ortra/impacket\n [LsaRelayX] Future extension [16]https://github.com/CCo b/lsarelayx\n [duckencoder] To automate keystrokes on the embedded syste m [17]https://github.com/mame82/duckencoder.py\n\n '\n\n 1. #CaesarsFo rumBR\n 2. https://github.com/skelsec/\n 3. https://twitter.com/skelse c\n 4. https://github.com/skelsec/aiosmb\n 5. https://github.com/skels ec/msldap\n 6. https://github.com/skelsec/wsnet\n 7. https://community .octopwn.com\n 8. https://github.com/skelsec/asyauth\n 9. https://gith ub.com/skelsec/aardwolf\n 10. https://youtu.be/jStdrDHTmD4\n 11. https ://github.com/pyodide/pyodide\n 12. https://ldap3.readthedocs.io/en/late st/\n 13. https://github.com/citronneur/rdpy\n 14. https://github.com/ BloodHoundAD/BloodHound\n 15. https://github.com/fortra/impacket\n 16. https://github.com/CCob/lsarelayx\n 17. https://github.com/mame82/ducke ncoder.py\n\n\n DTEND:20230812T224500Z DTSTART:20230812T220000Z LOCATION:DC - Caesars Forum - Forum - 109-119\, 138-139 - Track 2 SUMMARY:Spooky authentication at a distance END:VEVENT END:VCALENDAR