Red teams have been abusing Windows domain trusts for years with great success, but the topic is still underrepresented in public infosec discussions.
While the community has started to talk more about Active Directory exploitation, there isn’t much information out there discussing domain trusts from an offensive perspective. This talk aims to demystify domain trusts and show how they can be enumerated and abused during the course of an engagement. We’ll conclude with a complex demo showing how to enumerate, visualize, and abuse the trust relationships in an example environment, leading to total domain takeover without throwing a single exploit.
Will Schroeder (@harmj0y) is a security researcher and pentester/red-teamer for Veris Group’s Adaptive Threat Division, and is one of the co-founders and active developers of the Veil-Framework. He has presented at Shmoocon, Carolinacon, Defcon, and Derbycon on topics spanning AV-evasion, post-exploitation, red teaming, offensive PowerShell, and more. A former national lab security researcher, he is happy to finally be in the private sector.
Justin Warner (@sixdub) is a pentester/red-teamer with Veris Group’s Adaptive Threat Division and dabbles in security research when he is feeling inspired. As an Air Force Academy graduate and former USAF Cyber Operations Officer, he gained experience with large scale operations at the national level. Justin has a passion for threat research, reverse engineering, and red team operations. He is an active developer on the Veil-Framework and is a participant in various red team events in the DC area.