This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Kerberos Forged Ticket
Kerberos Forged Ticket

Version management

Difference between version and

At line 1 added 13 lines
!!! Overview
[{$pagename}] are used as [Privileged Identity] [exploits] and have been identified as one of the __most dangerous__ [attack] techniques against [Kerberos]
These [Attacks] are considered the __most dangerous__ for the following:
* Access - Once an [attacker] has [Local Administrative Account] [privileges], the [Attacker] is possible to dump additional [credentials], which if left behind in the compromised machines, enable the [attacker] to move laterally in the network, elevate [privileges] and gain [unauthorized] access to valuable [Resources|Resource].
* Obscurity - To bypass security controls and evade detection, an [attacker] can reuse [Kerberos] [tickets] for [impersonation] of authorized users to sidestep [authentication] processes – disguising activity and avoiding [authentication] log traces.
* [Advanced Persistent Threat] - The days of stolen data being dumped all at once are largely over – [attackers] often prefer to remain on the network undiscovered for extended periods of time, funneling information out little –by – little. Kerberos attacks give attackers what they need most to do this: time. It is possible to maintain persistence with Kerberos tickets, even when [credentials] have been changed.
While there are several types of [Microsoft Windows] [authentication] [Attacks] – including [Pass-the-hash], Overpass-the-Hash and [Pass-the-ticket] – the most destructive of all is the [Golden Ticket].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop