Tag: KerberosGoldenTicket

Nov 19

Kerberos Vulnerability in MS14-068 (KB3011780) Explained

Thanks to Gavin Millard (@gmillard on Twitter), we have a graphic that covers the issue quite nicely (wish I had of thought of it!) Exploit Code is now on the net! As of December 4th, 2014, there is Proof of Concept (POC) code posted that exploits MS14-068 by Sylvain Monné by using Python to interact with …

Continue reading »

Oct 30

BlueHat 2014 Slides: Reality Bites – The Attacker’s View of Windows Authentication and Post-exploitation

Each year, Microsoft invites security researchers (aka hackers) to speak to Microsoft employees about security issues. One of the most interesting talks listed at “BlueHat” 2014 was the one by the “Pass-the-Hash” experts, Chris Campbell, Bejamin Delpy, and Skip Duckwall. This talk will focus on the how Windows authentication works in the real world and …

Continue reading »