Attacking Active Directory - Kerberoasting
Kerberoasting is an extremely useful attack method to establish persistence, lateral movement, or privilege escalation in a Windows Active Directory environment. This attack is caused by a user requesting a TGS for an account, typically a service account, that has a Service Principal Name (SPN) associated with it. An attacker could then use the TGS which is encrypted with the service account's NTLM password hash to crack the hash offline.
This video uses GetUserSPNs.py from Impacket.
Join my new Discord server: discord.gg/9CvTtHqWCX
Follow me on Twitter for updates: / 0xconda
If you found this video helpful and would like to support future creations, please considering visiting the following links:
Buy Me a Coffee: https://www.buymeacoffee.com/conda
Check out Impacket: https://github.com/SecureAuthCorp/imp...
00:00 What is Kerberoasting
05:06 Kerberoasting Setup in Lab
07:40: Kerberoasting Demo
12:21 Kerberoasting Mitigation
Watch video Attacking Active Directory - Kerberoasting online without registration, duration hours minute second in high quality. This video was added by user Conda 01 April 2021, don't forget to share it with your friends and acquaintances, it has been viewed on our site 38,857 once and liked it 976 people.