Exploiting MS SQL Servers

As companies continue to rely on databases to store sensitive information, securing the data has become a top priority. MS SQL Server is a popular database management system that integrates with Windows and Active Directory domains, creating trust relationships that can be leveraged for attacks. As a Red Teamer, it’s crucial to understand the fundamentals...

AS-REP Roasting

Kerberos is a network authentication protocol used to provide secure authentication over a non-secure network. While it is an essential component of network security, it can also be exploited by hackers to gain unauthorized access to sensitive information. In this article, we will take a deep dive into one such exploitation technique, AS-REP Roasting. We...

Resource-Based Constrained Delegation (RBCD) Attack

Resource-Based Constrained Delegation (RBCD) is a feature introduced in Windows Server 2012 that allows administrators to configure which accounts are trusted to delegate on their behalf. This type of delegation is more secure than its predecessors, but it can still be abused and used as a means of lateral movement and privilege escalation. In this...

Exploiting Active Directory Certificate Services (AD CS)

With the increasing use of digital certificates for encryption, authentication, and other security purposes, Active Directory Certificate Services (AD CS) has become a critical component in many enterprise environments. However, the security implications of AD CS have often been overlooked, leaving organizations vulnerable to potential attacks and compromise. In this blog, we will delve into...

What is LLMNR Poisoning and How to Avoid It

As a cybersecurity professional, I’ve come across various attacks that threaten network security. LLMNR poisoning is one such threat, which poses great danger if left unaddressed. In this blog, I will outline exactly what LLMNR poisoning is and its dangers as well as ways it can be avoided and combatted. What is LLMNR poisoning? LLMNR...

Red Team vs Blue Team: Key Differences

These days, cyber attacks seem to be increasing at a high rate; therefore, organizations need to be concerned about securing their details and information from theft and corruption. Businesses should be focusing on adapting cyber security measures to protect themselves. One such approach is the Red Team vs Blue Team. The Red Team vs Blue...

Penetration Testing Vs. Red Teaming: Key Differences

It is evident that with the advancement of technology, the risks associated with it have also increased. Cybercriminals are always on the lookout for new ways by which they can exploit the system and gain unauthorized access to sensitive data. Penetration testing and red teaming come into play here. Both techniques identify vulnerabilities in a...

Kerberos Attacks – Part 2

In our previous blog post, we discussed the Kerberos authentication and authorization mechanism and a few of its exploits. We also discussed the PAC’s significance and how it affects user authorization. In this blog, we will dive deeper into PAC exploits and how attackers can use the PAC in different ways to escalate their privileges in...

Attacking Kerberos Delegation

Kerberos Delegation is a powerful authentication mechanism that allows users and services to securely access resources in an Active Directory environment. Topics covered: basic principles of Kerberos Delegation; types of delegations, their configuration and how they work; exploiting constrained delegation. By exploring these topics one by one in our blog, you’ll...

Kerberos Attacks – Part 1

As discussed in the Active Directory Basics blog, Kerberos is an authentication mechanism used to authenticate users and services. The two main components of Kerberos are the Authentication Server (AS), which authenticates the user and grants a Ticket Granting Ticket (TGT), and the Ticket Granting Server (TGS), which issues the service tickets (TGS). The main goal of an attacker is...