Credential Dumping: DCSync

May 2022

What is DCSync

DCSync is used to replicate the Active Directory (AD) Objects among the AD Servers to maintain the data consistency at the organization if there are multiple Domain Controllers (DC) of their AD Servers. Microsoft feature Directory Replication Service (DRS) Remote (MS-DRSR) Protocol that is used to replicate user's data from one DC to another.

How DCSync Attack Minchanism

Walkthrough on DCSYNC Attack

PreviousCredential Dumping: SAMNextKerberos Attack

Last updated