I recently published a blog about an EoP technique I use in #AADInternals 😊

TL;DR: Local admin can run any service as gMSA just by adding gMSA account name to ObjectName property of the service in registry 😈

https://aadinternals.com/post/local_admin_to_gmsa/

My #BHEU #Arsenal #AADInternals presentation slides and screen recording (HD 1080p) available at https://aadinternals.com/talks

The audio quality is bad, has a lot of background noise, and you can even hear Paula Januszkiewicz from the booth next to me 😁

p.s. All the passwords shown are reset 😉

Okay, peeps, you chose the #AADInternals demos; come to see them 1:45pm at #BHEU #Arsenal station #6!

I'll be demoing #AADInternals in #BHEU #Arsenal on Wednesday. Please vote below for what you want me to demonstrate in action!

#AADInternals @bsidesorlando edition is out now!

New functionality:
▪ Get access tokens for managed identities
▪ Add new MOERA domains (.onmicrosoft.com)

And as demonstrated in my BSides Orlando talk:
▪ Modify #AzureAD policy details (including Conditional Access metadata) without detailed Audit Log events

Change log: https://aadinternals.com/aadinternals/#version-info