Microsoft Security destroyed

Benjamin Delpy did it again. This time his attention was focused on the aged SCCM1. Once developed in the late 90s, it looks back on a turbulent history with some twists and turns. Unfortunately the security behind it looks exactly the same what you would expect and at best can be considered as “rotten” when still using 3DES2 to communicate with clients3. The video of a current Windows 2019 server with RDS/RDP terminal services clearly stand for itself. No prior code injection, no previously installed tools or libraries - just mimikatz4 on any connected AD machine and all passwords of current logged in users become visible in plain text5. Read more