In our previous blog post, we discussed the Kerberos authentication and authorization mechanism and a few of their exploits. We also discussed PAC’s significance and how it affects user authorization. In this blog, we will dive deeper into PAC exploits and how attackers can use the PAC in different ways to escalate their privileges in...
Kerberos Delegation is a powerful authentication mechanism that allows users and services to securely access resources in an Active Directory environment. Topics covered: Basic principles of Kerberos Delegation Types of delegations, their configuration and how they work Exploiting constrained delegation By exploring these topics one by one in our blog, you’ll...
As discussed in the Active Directory Basics blog, Kerberos is an authentication mechanism used to authenticate users and services. The two main components of Kerberos are: Authentication Server (AS), which authenticates user and grants Ticket Granting Ticket (TGT) Ticket Granting Server (TGS), which issues the service tickets (TGS) The main goal of an attacker is...
