Windows Agentless C2: (Ab)using the MDM Client Stack

This presentation will uncover the potential of harnessing the Windows Mobile Device Management (MDM) client stack to create an agentless Command and Control (C2) system. We will dive deep into the MDM infrastructure, exposing new vulnerabilities and demonstrating their potential for abuse. As a modern alternative to Group Policy Objects (GPO), Windows MDM enables extensive device management capabilities. We will present an in-depth analysis of the Windows MDM client architecture, focusing on the MDM Enrollment and MDM Management protocols... By: Marcos Oviedo , Zach Wasserman Full Abstract and Presentation Materials: #windows-agentless-c-abusing-the-mdm-client-stack-32549
Back to Top