Description: The attacker(lsadump::dcsync) impersonates as a Domain Controller and requests account password data from the target domain controller.The DCSync option will first discover the domain controller in a particular domain and then requests the domain controller to replicate the users credentials via GetNCChanges by abusing the MS-DRSR(Directory Replication Service Remote Protocol).
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.