Threat Intel Flash Briefing - Kerberos Relaying to Local SYSTEM
There exists a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings). Thanks to the research and open source tools of several researchers, it's now trivial to elevate to SYSTEM on most Windows Operating Systems.
Resources:
https://github.com/Dec0ne/KrbRelayUp
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
https://github.com/cube0x0/KrbRelay
https://github.com/Dec0ne/KrbRelayUp
Social:
https://twitter.com/cyberthreatpov
https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://spenceralessi.com
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.
Fler avsnitt av The Cyber Threat Perspective
Visa alla avsnitt av The Cyber Threat PerspectiveThe Cyber Threat Perspective med SecurIT360 finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.