Kerberoasting Flashcards

1
Q

What role does the Domain Controller also have in Kerberos?

A

DC = Key Distribution Center (KDC)

2
Q

What is the goal of Kerberoasting?

A

Get TGS and decrypt server’s account hash

3
Q

What steps are involved in Kerberoasting (6)?

A
  1. Request TGT (Provide NTLM hash) to DC
  2. Receive TGT encrypted with krbtgt hash
  3. Request TGS for Server (Present TGT)
  4. Receive TGS encrypted with server account hash
  5. Present TGS for server encrypted with server’s account to App server
  6. AP REP (optional)
4
Q

What are the commands for Kerberoasting (2)?

A
  1. Get SPNs, Dump Hash (Impacket)
    python GetUserSPNs.py DOMAIN/username:password -dc-ip IP_DC -request
  2. Crack that hash
    hashcat -m 13100 kerberoast.txt rockyou.txt -O
5
Q

What are the mitigation strategies for Kerberoasting?

A
  • Strong passwords
  • Least Privilege