Olga Karelova

Independent security researcher, redteamer

About the speaker

Olga is the captain of the rm‑rf team (a two‑time winner of VolgaCTF, 2012 and 2013). CTO of M*CTF competitions, 2014–2016. Lecturer at the Cryptology and Cybersecurity Department No. 42 of National Research Nuclear University MEPhI (Moscow Engineering Physics Institute).
August 26
Track 2

It’s not uncommon that client infrastructures are deployed under a standard scheme that uses Active Directory. The algorithm for testing such infrastructures is continuously being perfected throughout the years: it’s now clear what steps to take, what to look out for, what types of attacks to run, how to evade defenses, etc. But what if you come across a non‑standard scheme? One such example is the use of FreeIPA.

This year’s events have demonstrated that the standard scheme is gradually going away. To stay on track, pentesters and redteamers have to adapt to the new normal.

The report explores FreeIPA, the approach to pentesting infrastructures deployed on FreeIPA, and provides useful tips (without any know‑how, superexploits, or zero days).