Sometimes I talk in public. I enjoy sharing knowledge 🤓.
2021
The Kerberos Key List attack: The return of the Read Only Domain Controllers
Ekoparty Security Conference. Buenos Aires, Argentina
Microsoft wants Azure everywhere and following that premise, the company has implemented several features in this platform. From an authentication point of view, the most interesting ones are the passwordless scenarios. A short time ago, Microsoft released a new functionality that enables passwordless authentication with security keys in Azure environments. This offers us a seamless SSO experience, but under the hood there is something else: the return of the Read Only Domain Controllers. In this talk I’ll introduce a new attack vector against the RODCs using the Kerberos Key List request messages.
The art of war of Browser Fingerprinting
Ekoparty Security Conference (BlueSpace). Buenos Aires, Argentina
Coauthor: @florencia_rao
Browser fingerprinting is a technique that can be used to uniquely identify users or devices via a website. It can be used for good, in authentication schemes, or for bad, in tracking systems. This situation started an arms race between browsers and those who use fingerprinting to identify users.
Being the good guys, what strategy do we use to continue to identify our legitimate users? How can we maximize the effectiveness of this technique?