Here to stay: Gaining persistency by abusing advanced authentication mechanisms

Credentials have always been a favorite target for advanced attackers, since they allow an attacker to traverse a network efficiently without using any exploits.

Moreover, compromising the network might not be sufficient, as attackers strive to obtain persistency, which requires the use of advanced techniques to evade the security mechanisms installed along the way.

One of the challenges adversaries must face is how to create threats that continuously evade security mechanisms and, even if detected, ensure that control of the environment can be easily regained.

In this talk, we briefly discuss some of the past techniques for gaining persistency in a network (using local accounts, GPOs, skeleton key, etc.) and why they are insufficient nowadays.

This is followed by a comprehensive analysis of lesser-known mechanisms for achieving persistency, using non-mainstream methods (such as object manipulation, Kerberos delegation, etc.).

Finally, we show how defenders can secure their environment against such threats.

Presented by