light bulb

Did You Know?

Posts: 4,575
Topics: 2,595
Kudos: 3,988
Blog Posts: 0
Registered: ‎06-02-2014

Fear the golden ticket attack!


Follow @rogeragrimes  


Be afraid of the golden ticket attack -- if malicious hackers can create the tickets, they can wreak whatever havoc they please.


The Windows security world is abuzz about Kerberos "golden ticket" attacks in the wake of a seminal presentation at Black Hat USA 2014, the best overview I've seen on the subject.

In a nutshell, if you have domain admin/local admin access on an Active Directory forest/domain, you can manipulate Kerberos tickets to get unauthorized access. A golden ticket attack is one in which you create a Kerberos-generating ticket that is good for 10 years or however long you choose.gold_ticket_attack.jpg


InfoWorld/ Full Aricle Here/

Community Leader