Updates to Owner or Pwned?
I pushed some updates to my whitepaper on Active Directory Object Ownership today after Mark M. provided some great feedback on the document, including that all the links in the PDF were broken. You can download it here: Owner or Pwned?: Disccovering and Remediating AD Object Ownership Issues This is 50+ pages of details on how ownership works in Active Directory and in really any Microsoft Windows environment where Securable Objects are present.
Owner or Pwned?
Discovering and Remediating AD Object Ownership Issues
Abstract
The default behavior in Active Directory allows the Owner of an AD Object to fully control that Object. Do you know who owns objects in your AD Forest? Do you know which AD Object Owners could compromise your AD Forest? Do you know who could own your AD Objects and who could Pwn your AD?
Version
1.3