You Guys don’t Get the Process to Exploit Microsoft Kerberos

As MIT explains that: “Kerberos is a
network authentication protocol. It is designed to provide strong
authentication for client/server applications by using secret-key
cryptography.” Kerberos builds on symmetric key cryptography and
requires a trusted third party, and optionally may use public-key
cryptography during certain phases of authentication.Kerberos uses
UDP port 88 by default.
Microsoft Active Directory uses
Kerberos to handle authentication requests by default. However, if
the domain is compromised, how bad can it really be? With the loss of
the right hash, Kerberos can be completely compromised for years
after the attacker gained access. Yes, it really is that bad.

this presentation Skip Duckwall, @passingthehash on twitter and
Benjamin Delpy, @gentilkiwi on twitter and the author of Mimikatz,
will demonstrate just how thoroughly compromised Kerberos can be
under real world conditions.

Prepare to have all your
assumptions about Kerberos challenged!

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What are Online Casinos doing to be as Safe and Secure as Possible?

Online casinos have continued to increase in popularity over recent years as more and more gamblers have turned to virtual options to further enhance...

Reconnaissance for Bug Bounty Hunters & Pentesters

New to the bug bounty and confused about where to start? Worry not! This reconnaissance for bug bounty hunters guides you to take the...

Access & Manage Android Phone Remotely – L3MON Tutorial

There is software available, like Metasploit, to gain remote access to any android phone. But other than that, we have the L3MON tool (A...

How to Hide Shellcode Behind Closed Port?

Every company has a variety of scanners for analyzing its network and identifying new or unknown open ports. It's unthinkable to disguise the potentially...