Golden SAML.

An identity-attack technique that steals a federation IdP's token-signing private key (typically from AD FS) and forges arbitrary SAML responses, granting persistent, MFA-bypassing access to any federated service. 它属于网络安全的 身份与访问 分类。

An identity-attack technique that steals a federation IdP's token-signing private key (typically from AD FS) and forges arbitrary SAML responses, granting persistent, MFA-bypassing access to any federated service.

Golden SAML was disclosed by CyberArk Labs in 2017 and shot to prominence as a documented technique used in the 2020 SolarWinds-Sunburst intrusions. The attack assumes a federated identity model: an on-premises identity provider (most often Microsoft AD FS) signs SAML responses with a private token-signing key whose public counterpart is trusted by every relying party — Microsoft 365, AWS, Salesforce, Workday, and so on. An attacker who reaches AD FS with sufficient privilege (Domain Admin, AD FS service account) can extract that private key and then sign SAML responses for any user, any group memberships, with no need to log in to the IdP at all. Because the resulting tokens are cryptographically valid, MFA prompts, password resets, and account lockouts are bypassed; revocation requires rotating the token-signing certificate and re-establishing trust with every relying party. Defensive controls focus on hardening AD FS (HSM-backed signing keys, restricted Tier-0 access, monitoring of `Microsoft-Windows-Security-Auditing` 410/411 events), migrating to cloud-native IdPs (Entra ID with no AD FS), and detecting anomalous SAML assertions at relying parties (e.g. impossible NameID claims, unfamiliar issuers, sudden first-seen IPs).

针对 Golden SAML 的防御通常结合技术控制与运营实践,详见上方完整定义。

常见的别称包括: Golden SAML attack。