How good is AI at Hacking AD? (medium.com)

🤖 AI Summary
An AI-driven red-team agent, given only a low-privileged domain account in a realistic lab (a Windows Server 2022 domain controller, a Windows 11 workstation and typical user groups), reached Domain Administrator in 27 minutes.

After aggressive enumeration (RustScan/Nmap and LDAP queries) it chained excessive ACLs: GenericAll on user bob → password reset → authenticated as bob → discovered GenericAll on alice → reset alice. Alice's membership in WebAdmins revealed AddAllowedToAct on WIN11, enabling a Resource-Based Constrained Delegation (RBCD) attack: the agent created FAKECOMP$, configured RBCD, used Kerberos S4U2Self/S4U2Proxy to impersonate Administrator, gained local admin on WIN11, dumped LSA Secrets to retrieve the svc-sync credentials, authenticated as svc-sync, used DCSync to extract NTLM hashes (including the Domain Admin's), and then used pass-the-hash to complete the domain controller compromise.

The takeaway for the AI/ML and security community is stark: AI agents can now automate multi-step AD privilege escalation, discovering ACL chains, misconfigurations, RBCD and replication rights faster than many defenders can detect. Defenders should prioritize AD hygiene (least privilege and ACL reviews), restrict service account privileges and replication rights, harden Kerberos delegation policies, monitor for AddAllowedToAct/RBCD changes and DCSync activity, protect LSA Secrets and credential stores, and deploy EDR/alerting tuned for these chained techniques. The exercise underscores that automation raises the speed and scale of attack execution, making proactive AD hardening and detection essential.
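Two of the monitoring recommendations above (RBCD changes and DCSync activity) map to specific domain controller audit events: a write to the msDS-AllowedToActOnBehalfOfOtherIdentity attribute shows up as a Directory Service Changes event (5136), and a DCSync shows up as an "operation performed on an object" event (4662) whose Properties field carries the DS-Replication-Get-Changes control access right GUIDs. The following detection sketch is an added example written for this page, not code from the article or its author; the event records are hand-constructed dictionaries with simplified field names, and DC01$ is a hypothetical domain controller account used to suppress the replication traffic that real DCs legitimately generate.

```python
"""Flag RBCD attribute writes (5136) and non-DC replication requests (4662).

Constructed example: events are simplified dicts, not parsed EVTX records.
"""
import re
from typing import Dict, Iterable, List

# Public Microsoft control-access-right GUIDs checked by a DCSync operation.
REPL_RIGHTS = {
    "1131f6aa-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes",
    "1131f6ad-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes-All",
}
# The attribute that Resource-Based Constrained Delegation is configured through.
RBCD_ATTRIBUTE = "msds-allowedtoactonbehalfofotheridentity"
GUID_RE = re.compile(r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")

# Hypothetical DC machine account; in practice read from the Domain Controllers OU.
DC_ACCOUNTS = {"dc01$"}

# Constructed sample events mirroring the steps in the summary above.
SAMPLE_EVENTS: List[Dict] = [
    {   # RBCD configured on WIN11 by alice -> suspicious
        "EventID": 5136, "SubjectUserName": "alice",
        "ObjectDN": "CN=WIN11,CN=Computers,DC=lab,DC=local",
        "AttributeLDAPDisplayName": "msDS-AllowedToActOnBehalfOfOtherIdentity",
        "OperationType": "Value Added",
    },
    {   # Ordinary description edit -> benign
        "EventID": 5136, "SubjectUserName": "alice",
        "ObjectDN": "CN=WIN11,CN=Computers,DC=lab,DC=local",
        "AttributeLDAPDisplayName": "description", "OperationType": "Value Added",
    },
    {   # Replication by a domain controller -> expected traffic
        "EventID": 4662, "SubjectUserName": "DC01$",
        "Properties": "{1131f6aa-9c07-11d1-f79f-00c04fc2dcd2}",
    },
    {   # Replication rights exercised by a service account -> DCSync
        "EventID": 4662, "SubjectUserName": "svc-sync",
        "Properties": "{1131f6aa-9c07-11d1-f79f-00c04fc2dcd2} "
                      "{1131f6ad-9c07-11d1-f79f-00c04fc2dcd2}",
    },
    {   # Unrelated object access (user-class GUID) -> benign
        "EventID": 4662, "SubjectUserName": "bob",
        "Properties": "{bf967aba-0de6-11d0-a285-00aa003049e2}",
    },
]


def detect(events: Iterable[Dict], dc_accounts=DC_ACCOUNTS) -> List[Dict]:
    """Return one finding per event that matches an RBCD or DCSync pattern."""
    findings = []
    for ev in events:
        eid = ev.get("EventID")
        subject = ev.get("SubjectUserName", "")
        if eid == 5136 and ev.get("AttributeLDAPDisplayName", "").lower() == RBCD_ATTRIBUTE:
            findings.append({
                "rule": "rbcd-change",
                "subject": subject,
                "detail": f"{ev.get('OperationType')} on {ev.get('ObjectDN')}",
            })
        elif eid == 4662:
            guids = {g.lower() for g in GUID_RE.findall(ev.get("Properties", ""))}
            rights = [REPL_RIGHTS[g] for g in guids & set(REPL_RIGHTS)]
            # DCs replicate all day; only a non-DC principal asking for
            # replication rights is interesting.
            if rights and subject.lower() not in dc_accounts:
                findings.append({
                    "rule": "dcsync",
                    "subject": subject,
                    "detail": ", ".join(sorted(rights)),
                })
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"[{f['rule']}] {f['subject']}: {f['detail']}")
```

Run against the constructed events this reports alice's RBCD write and svc-sync's replication request while staying quiet on the description edit, the DC's own replication and bob's unrelated object access. Event 5136 only fires if the Directory Service Changes audit subcategory is enabled and the computer object has a SACL that audits attribute writes, so the first thing to verify in a real environment is that those prerequisites are in place.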