Join the BHIS Discord discussion server: https://discord.gg/aHHh3u5
We’re really excited to have a close member of our BHIS extended family, Tim Medin from Red Siege InfoSec, here for a webcast on Kerberos & Attacks 101. Tim is the creator of Kerberoasting. Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? If so, then join Tim Medin as he walks you through how to attack Kerberos with ticket attacks and Kerberoasting. We’ll cover the basics of Kerberos authentication and then show you how the trust model can be exploited for persistence, pivoting, and privilege escalation.
0:00 – 45 Seconds of Banter
0:45 – The Creator Of Kerberosting
1:48 – What Is Kerberos?
4:49 – How It Works
9:23 – PAC: Privilege Attribute Certificate
12:27 – Service Ticket
14:12 – SPN : Service Principal Name
16:22 – Three Long Term Keys
23:39 – I Got A Golden Ticket
24:57 – Ticket Flow
27:49 – Skeleton Key
30:42 – Kerberoasting On an Open Firewall
33:23 – Extract and Crack
34:04 – Silver Ticket
35:25 – Insert Demo Here
37:24 – Cracking Tickets To Get You Out Of Server Jail
43:52 – Trollmode Engaged
45:24 – Pass-The-Ticket
46:05 – Over-Pass-The-Hash
46:37 – Wrap-Up
52:36 – We Have Some Questions
59:25 – 45 More Seconds of Banter
Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment.
Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts.