“A service principal name (SPN) is used in the domain to associate the service with a login account. When a user wishes to use the specific resource they receive a Kerberos ticket signed with NTLM hash of the account that is running the service. This is a bit of an oversimplific…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
T1558.003 Kerberoasting
92%
“Using IP tables to limit connections to 8080 to the localhost. Some proponents of hacking naked may think this is overkill, but sometimes I think wearing around a firewall is appropriate – this is one of those times. The IP tables rules file I use is here. Place the IP tables rul…”
T1090.001 Internal Proxy
87%
“https://github.com/coresecurity/impacket Next, we need to install and configure proxychains. After install, the only configuration change is the desired port (for example, 8080). # apt-get install proxychains Now we need an established Meterpreter session. There are m…”
T1558.003 Kerberoasting
86%
“A Toast to Kerberoast Derek Banks // This post will walk through a technique to remotely run a Kerberoast attack over an established Meterpreter session to an Internet-based Ubuntu 16.04 C2 server and crack the ticket offline using hashcat. Recently I ha…”
T1090.002 External Proxy
66%
“https://github.com/coresecurity/impacket Next, we need to install and configure proxychains. After install, the only configuration change is the desired port (for example, 8080). # apt-get install proxychains Now we need an established Meterpreter session. There are m…”
T1558.003 Kerberoasting
60%
“] The fix for this at the moment is to make sure that all service accounts in your environment have really long passwords. How long depends on what resources you think your potential attacker has access to for cracking passwords. My current suggestion (based on potential passwor…”
T1558 Steal or Forge Kerberos Tickets
40%
“A Toast to Kerberoast Derek Banks // This post will walk through a technique to remotely run a Kerberoast attack over an established Meterpreter session to an Internet-based Ubuntu 16.04 C2 server and crack the ticket offline using hashcat. Recently I ha…”
T1558.004 AS-REP Roasting
40%
“] The fix for this at the moment is to make sure that all service accounts in your environment have really long passwords. How long depends on what resources you think your potential attacker has access to for cracking passwords. My current suggestion (based on potential passwor…”
Summary
Derek Banks // This post will walk through a technique to remotely run a Kerberoast attack over an established Meterpreter session to an Internet-based Ubuntu 16.04 C2 server and crack […]