[Samba] Using samba4 to escalate privs.
Johan Akerstrom
jakerstrom at gmail.com
Fri Sep 3 08:06:55 MDT 2010
Ye ol' sidHistory edit attack in new disguise using samba4. I don't think
you can consider it to be a hack but I had a lot of fun playing about with
ldbedit. Samba4 is wikked, it really opens up AD, I had a lot of fun setting
it up. Check my blogg for my little sidHistory priv escalation tutorial
(domain admin to enterprise admin).
http://cosmoskey.blogspot.com/2010/08/online-sidhistory-edit-sid-injection.html
<http://cosmoskey.blogspot.com/2010/08/online-sidhistory-edit-sid-injection.html>
Enjoy! :)
Regards,
Johan Akerstrom
More information about the samba
mailing list