Tag Archive: kerberoasting

Jan 29

Sneaky Persistence Active Directory Trick #18: Dropping SPNs on Admin Accounts for Later Kerberoasting

Categories:

ActiveDirectorySecurity, Microsoft Security, Technical Reference

The content in this post describes a method through which an attacker could persist administrative access to Active Directory after having Domain Admin level rights for about 5 minutes. Complete list of Sneaky Active Directory Persistence Tricks posts This post explores how an attacker could leverage existing admin rights and/or over-permissive delegation to gain persistence …

Tags: AD Sneaky Persistence, attacking kerberos, Kerberoast, kerberoasting, Kerberos attack, Kerberos Ticket Cracking, KerberosRequestorSecurityToken, PowerShell Kerberoasting, RC4 TGS ticket, service principal name, sneaky persistence tricks, SPN, System.IdentityModel, TGS cracking, Write ServicePrincipalName

Copyright

Content Disclaimer: This blog and its contents are provided "AS IS" with no warranties, and they confer no rights. Script samples are provided for informational purposes only and no guarantee is provided as to functionality or suitability. The views shared on this blog reflect those of the authors and do not represent the views of any companies mentioned. Content Ownership: All content posted here is intellectual work and under the current law, the poster owns the copyright of the article. Terms of Use Copyright © 2011 - 2017.

Active Directory Security

Active Directory & Enterprise Security, Methods to Secure Active Directory, Attack Methods & Effective Defenses, PowerShell, Tech Notes, & Geek Trivia…

Tag Archive: kerberoasting

Sneaky Persistence Active Directory Trick #18: Dropping SPNs on Admin Accounts for Later Kerberoasting

Recent Posts

Trimarc Active Directory Security Services

Popular Posts

Categories

Copyright

Copyright