Kerberos is a network authentication protocol used to provide secure authentication over a non-secure network. While it is an essential component of network security, it can also be exploited by hackers to gain unauthorized access to sensitive information. In this article, we will take a deep dive into one such exploitation technique, AS-REP Roasting. We...
Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their behalf. This type of delegation is more secure than its predecessors, but it can still be abused and used as a means of lateral movement and privilege escalation. In this...
With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component in many enterprise environments. However, the security implications of AD CS have often been overlooked, leaving organizations vulnerable to potential attacks and compromise. In this blog, we will delve into...
Active Directory (AD) is integral to many organizations’ IT infrastructures, serving as the repository of user identities, computer accounts, and network resources. However, due to its wide scope and complexity, AD can present serious security risks which must be managed appropriately. In this blog, we will look at some of the best practices for securing...
As a cybersecurity professional, I often encounter various vulnerabilities that hackers can exploit to gain unauthorized access to sensitive information. One such vulnerability is SMB signing disabled, commonly found in Microsoft Windows-based networks. SMB signing is crucial in protecting data integrity and preventing unauthorized access. In this blog, I will discuss what SMB signing disabled...
As a cybersecurity professional, I recognize the necessity of having a safe network for any business. Active Directory is an indispensable tool for managing resources; however, its effectiveness depends on its weakest link – often passwords. Active Directory 101 Active Directory is a directory service used by businesses to manage users, computers and network resources...
Organizations must give security of their IT infrastructure top priority in the current digital era, when cyber threats are growing more complex. The routine auditing of Active Directory is a crucial element of a strong security strategy. The foundation of a company’s network is Active Directory, which controls user access and permissions. Active Directory has...
In our previous blog post, we discussed the Kerberos authentication and authorization mechanism and a few of their exploits. We also discussed PAC’s significance and how it affects user authorization. In this blog, we will dive deeper into PAC exploits and how attackers can use the PAC in different ways to escalate their privileges in...
Kerberos Delegation is a powerful authentication mechanism that allows users and services to securely access resources in an Active Directory environment. Topics covered: Basic principles of Kerberos Delegation Types of delegations, their configuration and how they work Exploiting constrained delegation By exploring these topics one by one in our blog, you’ll...
As discussed in the Active Directory Basics blog, Kerberos is an authentication mechanism used to authenticate users and services. The two main components of Kerberos are: Authentication Server (AS), which authenticates user and grants Ticket Granting Ticket (TGT) Ticket Granting Server (TGS), which issues the service tickets (TGS) The main goal of an attacker is...
