[Samba] Using samba4 to escalate privs.

Johan Akerstrom jakerstrom at gmail.com
Fri Sep 3 08:06:55 MDT 2010


Ye ol' sidHistory edit attack in new disguise using samba4. I don't think
you can consider it to be a hack but I had a lot of fun playing about with
ldbedit. Samba4 is wikked, it really opens up AD, I had a lot of fun setting
it up. Check my blogg for my little sidHistory priv escalation tutorial
(domain admin to enterprise admin).

http://cosmoskey.blogspot.com/2010/08/online-sidhistory-edit-sid-injection.html
<http://cosmoskey.blogspot.com/2010/08/online-sidhistory-edit-sid-injection.html>
Enjoy! :)

Regards,

Johan Akerstrom


More information about the samba mailing list