Beyond On-Premises: Exploring the Post-Domain Admin Landscape in the Cloud

Organizations are increasingly relying on cloud services from Azure, as there is native support from Microsoft. After obtaining Domain Admin privileges, it is essential to always think of attack paths or scenarios to escalate our privileges or describe the maximum impact. One such thing is escalating privileges to Azure Services. This talk would demonstrate attack paths for obtaining Global Administrator privileges on Azure AD from domain admin privileges on the on-premise network. Multiple domains can be registered under a single tenant, hence after obtaining global admin privileges on Azure it is possible for the adversary to gain administrative access over these domains.

Presented at Security Fest 2023.

Speakers: Sriraam Natarajan, Venkatraman Kumar

About Sriraam Natarajan

Sriraam Natarajan

Sriraam Natarajan from India is an ardent information security practitioner with over 3+ years of specialized experience in red teaming, adversary simulation, penetration testing, and web application security. He enjoys doing Red Teaming exercises and researching new attack vectors, exploits, and evasion techniques. He also had a talk at Lehack Conference. He does coding to automate the boring stuff using Python and Rust. He is currently working as a Security Analyst in Cyber Security Works. He also holds the Certified Red Team Professional Certification.


About Venkatraman Kumar

Venkatraman Kumar

Venkatraman Kumar is a seasoned security researcher, red teamer, and conference speaker with over 5 years of industry experience in information security and programming. His main areas of expertise include network penetration testing, red teaming exercises, adversary simulation, and active directory attacks. He has presented at notable security conferences such as LeHack, BSides, and Diana Initiative. In addition to his professional pursuits, he is an avid problem solver, constantly engaged in solving CTFs, Hackthebox Labs, and conducting independent research. He is also the author of the popular resource https://www.thehackersprint.com/ . Currently, he works as a security analyst at Cyber Security Works.

 
Get all relevant information and news regarding Security Fest, when we release recordings of talks, etc.