Browsed by
Tag: Credential Access

Golden Ticket

Golden Ticket

By obtaining the password hash for the most powerful service account in Active Directory ā€“ the KRBTGT account ā€“ an attacker is able to compromise every account within Active Directory, giving them unlimited and virtually undetectable access to any system connected to AD.


DCSync

DCSync

DCSync is a command within Mimikatz that an attacker can leverage to simulate the behavior of Domain Controller (DC). More simply, it allows the attacker to pretend to be a Domain Controller and ask other DCā€™s for user password data.


Silver Ticket

Silver Ticket

Similar in concept to a golden ticket, a silver ticket attack involves compromising credentials and abusing the design of the Kerberos protocol. However, unlike a golden ticket — which grants an adversary unfettered access to the domain — a silver ticket only allows an attacker for forge ticket-granting service (TGS) tickets for specific services. TGS tickets are encrypted with the password hash for the service ā€“ therefore, if an adversary steals the hash for a service account they can mint TGS tickets for that service.