<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
	<channel>
		<title>Kerberos on ethicalhacker.tech</title>
		<link>https://ethicalhacker.tech/tags/kerberos/</link>
		<description>Recent content in Kerberos on ethicalhacker.tech</description>
		<generator>Hugo</generator>
		<language>en-GB</language>
		
		
		
		
			<atom:link href="https://ethicalhacker.tech/tags/kerberos/index.xml" rel="self" type="application/rss+xml" />
			<item>
				<title>Kerberoasting</title>
				<link>https://ethicalhacker.tech/notes/kerberoasting/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://ethicalhacker.tech/notes/kerberoasting/</guid>
				<description>&lt;h2 id=&#34;what-is-it&#34;&gt;what is it?&lt;/h2&gt;&#xA;&lt;p&gt;Kerberoasting is an Active Directory attack that allows any authenticated domain user to request Kerberos service tickets (TGS) for accounts that have a Service Principal Name (SPN) set. Those tickets are encrypted with the service account&amp;rsquo;s NTLM hash, meaning they can be taken offline and cracked without any further interaction with the domain controller.&lt;/p&gt;&#xA;&lt;p&gt;The attack is particularly effective because SPNs are often set on service accounts with weak passwords, and requesting a TGS is a normal, logged operation that blends in with everyday traffic.&lt;/p&gt;</description>
			</item>
	</channel>
</rss>
