Fear the golden ticket attack!

  • 19 August 2014
  • 0 replies
  • 384 views

Userlevel 7
By:
By Roger A. Grimes | InfoWorldFollow@rogeragrimes  
 
Be afraid of the golden ticket attack -- if malicious hackers can create the tickets, they can wreak whatever havoc they please.
 
The Windows security world is abuzz about Kerberos "golden ticket" attacks in the wake of a seminal presentation at Black Hat USA 2014, the best overview I've seen on the subject.
In a nutshell, if you have domain admin/local admin access on an Active Directory forest/domain, you can manipulate Kerberos tickets to get unauthorized access. A golden ticket attack is one in which you create a Kerberos-generating ticket that is good for 10 years or however long you choose.


 
InfoWorld/ Full Aricle Here/ http://www.infoworld.com/d/security/fear-the-golden-ticket-attack-248653

0 replies

Be the first to reply!

Reply