Tag: PoC

Dec 15

Detecting MS14-068 Kerberos Exploit Packets on the Wire aka How the PyKEK Exploit Works

MS14-068 References: AD Kerberos Privilege Elevation Vulnerability: The Issue Detailed Explanation of MS14-068 MS14-068 Exploit POC with the Python Kerberos Exploitation Kit (aka PyKEK) Exploiting MS14-068 Vulnerable Domain Controllers Successfully with the Python Kerberos Exploitation Kit (PyKEK) This post shows the packet captures I performed using WireShark on the Domain Controllers during stage 1 and …

Continue reading »

Dec 07

Exploiting MS14-068 Vulnerable Domain Controllers Successfully with the Python Kerberos Exploitation Kit (PyKEK)

MS14-068 References: AD Kerberos Privilege Elevation Vulnerability: The Issue Detailed Explanation of MS14-068 MS14-068 Exploit POC with the Python Kerberos Exploitation Kit (aka PyKEK) Detecting PyKEK Kerberos Packets on the Wire aka How the MS14-068 Exploit Works After re-working my lab a bit, I set about testing the MS14-068 POC that Sylvain Monn√© posted to …

Continue reading »

Dec 06

MS14-068 Kerberos Vulnerability Privilege Escalation POC Posted (PyKEK)

As noted in previous posts on MS14-068, including a detailed description, a Kerberos ticket with an invalid PAC checksum causes an unpatched Domain Controller to accept invalid group membership claims as valid for Active Directory resources. The MS14-068 patch modifies KDC Kerberos signature validation processing on the Domain Controller. This issue is FAR worse than …

Continue reading »