As always, jams…. DCSync Hijacking I recently published a blog post detailing an attack where we could hijack AADConnect’s DCSync dataset to steal credentials and crack the credentials offline. The foundational knowledge here is as follows: We learned that by injecting a malicious DLL into the miiserver.exe process, we could actually siphon the DCSync dataset […]

Read More »