Kerberos Silver Ticket Attack Explained

Рет қаралды 14,562

2 жыл бұрын

I'm finally back and continuing with the Kerberos videos I promised you ages ago. This time we're looking at the silver ticket attack, which lets us pretend to be domain admin for a specific service.
Here are the previous videos I mentioned:
Kerberos explained: • Kerberos Explained (In...
Kerberoasting: • Impacket GetUserSPNs &...
Golden ticket attack: • Kerberos Golden Ticket...
Tools I mentioned:
Rubeus: github.com/GhostPack/Rubeus
The Rubeus GUI I'm working on: github.com/VbScrub/Rubeus-GUI
My GetDomainSID tool: github.com/VbScrub/GetDomainSID

Пікірлер: 30

@vbscrub 2 жыл бұрын

Here are the previous videos I mentioned: Kerberos explained: kzbin.info/www/bejne/qZ-qlo2iebZ_aLM Kerberoasting: kzbin.info/www/bejne/rnmYhWxjop6Ejtk Golden ticket attack: kzbin.info/www/bejne/pWqbkJiIqZxqbbs Tools I mentioned: Rubeus: github.com/GhostPack/Rubeus The Rubeus GUI I'm working on: github.com/VbScrub/Rubeus-GUI My GetDomainSID tool: github.com/VbScrub/GetDomainSID

@rafster15able 2 жыл бұрын

you don't know how much I appreciate your content, it's amazing... not only your way of explaining but the simplicity with which you do it, thanks Vbscrub!

@vbscrub 2 жыл бұрын

Always nice to hear, thanks!

@hexrays6150 2 жыл бұрын

Good explanation, thanks! Also your voice and video editing is chilling and enjoyable.

@vbscrub 2 жыл бұрын

thanks, glad to hear that

@papahorse3347 2 жыл бұрын

im learning to the oscp exam, and your realy helping me ty so much i realy love they way you explain!

@null_1065 2 жыл бұрын

Good to see you back VBScrub!

@fabiorj2008 2 жыл бұрын

By the way, your videos about windows are amazing,.

@DHIRAL2908 2 жыл бұрын

Welcome back, mate!

@MonnizProductions Жыл бұрын

This video is not in the tutorials playlist of yours. Thanks for all the videos!

@huplim 2 жыл бұрын

Awesome stuff!

@mattlebutter9162 2 жыл бұрын

Welcome back!

@ltownandfriends4531 Жыл бұрын

thanks, very helpful

@SuperAtmosphere Жыл бұрын

Very informative, If you can complete the gui tool on the golden ticket , that’s something cool

@vbscrub Жыл бұрын

yeah sorry, I actually did like 99% of the work to get the golden ticket part of the tool working but then just never got round to fully testing it so wasn't comfortable with releasing it

@MygenteTV Жыл бұрын

thank you

@hb3643 5 ай бұрын

Thx

@xB-yg2iw 2 жыл бұрын

helpful for your new box thanks :p

@vbscrub 2 жыл бұрын

haha shhh no spoilers

@haireeizzam6349 Жыл бұрын

If I am able to crack the service account hash via kerberoasting and authenticate to the sqlservice, what's the purpose of creating a "fake account" that enable us to log in into the sql service?

@mhnnamadi495 Жыл бұрын

i tested this method but i couldn't access to plain text with hashcat has it another way to access to silver ticket without hash crack?

@gr00t8 2 жыл бұрын

Is that something that you found regularly during assessments? (User accounts with weak passwords instead of GMSA)

@rafakaras790 2 жыл бұрын

I tried to reproduce the steps you did in this video but I cannot login from remote computer. Did you use stock MSSQL configuration or you had to setup MSSQL?

@vbscrub 2 жыл бұрын

I think all I did was enable TCP connections in the SQL connection manager thing and allow the SQL port through the windows firewall on the server

@fabiorj2008 2 жыл бұрын

Would you tell us a machine in HTB that can apply the knowledge learn in this video ?

@vbscrub 2 жыл бұрын

I've seen kerberoasting in a few HTB machines (one called Active) but haven't actually seen silver tickets in any of the ones I've done. Bear in mind I've only done about 15 HTB machines though

@jeanbaptistebrossard8148 Жыл бұрын

Scrambled