Showing results for 
Search instead for 
Did you mean: 

Fear the golden ticket attack!

Community Leader

Fear the golden ticket attack!


Follow @rogeragrimes  


Be afraid of the golden ticket attack -- if malicious hackers can create the tickets, they can wreak whatever havoc they please.


The Windows security world is abuzz about Kerberos "golden ticket" attacks in the wake of a seminal presentation at Black Hat USA 2014, the best overview I've seen on the subject.

In a nutshell, if you have domain admin/local admin access on an Active Directory forest/domain, you can manipulate Kerberos tickets to get unauthorized access. A golden ticket attack is one in which you create a Kerberos-generating ticket that is good for 10 years or however long you choose.gold_ticket_attack.jpg


InfoWorld/ Full Aricle Here/

Community Leader