Best videos i have ever watched on Kerberos. May god bless you
@IgnitedIce812 жыл бұрын
Thank you so much! you helped me with a CTF challange I tried for days
@nareshkaushik71174 жыл бұрын
Your content is amazing, thanks a lot!!
@pawarvikram034 жыл бұрын
For more notes on kerberos visit the best website educationlinks.in/what-is-kerberos/
@adityadeshwal34064 жыл бұрын
Great video man. You have gained a new subscriber. To protect the pre-auth data kerberos error spoofing , Kerberos armoring can be implemented. Please make a video on that if possible.
@SP-hz5tp4 жыл бұрын
Nice explanation! Always happy to see new content.
@pawarvikram034 жыл бұрын
For more notes on kerberos visit the best website educationlinks.in/what-is-kerberos/
@spotifyfan80844 жыл бұрын
Hi vb! Great vid first of all, learned a ton, but i have one small question. At the beginning of the video, you show the as-req request that the client makes to the DC and that request contains the timestamp that has been encrypted by the client's password. I was able to capture the as-req packet in wireshark and i was able to see the cipher that represents that timestamp encrypted with the users password. But one thing that wasn't the same for me as for you, is that the etype for the hash was 23 and not 18 as shown in your example. In the vid, you also said that the etype 23 is weaker that etype 18 so its easier to crack. I tried running hashcat against the hash for type 18 and type 23 but i didn't get any results even though i put the right password as first in the wordlist. I heard that you said found some blog posts online when people demonstrate the same attack and their etype is 23, Could you please send me some of these blogs so i can try to crack my hash? Thanks a lot, in advance : )
@6cylbmw4 жыл бұрын
Another great video!
@pawarvikram034 жыл бұрын
For more notes on kerberos visit the best website educationlinks.in/what-is-kerberos/
@yt_isle2 ай бұрын
masterclass
@ahashef3 жыл бұрын
May be not common for CTFs but very likely to happen in any type of Pentest as good old tcpdump should always be running while testing ;) Who knows... maybe someone configured a Vuln Scanner for an authenticated scan with a very bad password? Sniffing and cracking are still actual whatever we say. Always check your RoE and Scope though)))
@yaraj31552 жыл бұрын
I need to ask you
@pawarvikram034 жыл бұрын
For more notes on kerberos visit the best website educationlinks.in/what-is-kerberos/