Ralf Hacker Channel
26.7K subscribers
407 photos
16 videos
503 files
487 links
Download Telegram
Forwarded from APT
This media is not supported in your browser
VIEW IN TELEGRAM
🔨KRBUACBypass

By adding a KERB-AD-RESTRICTION-ENTRY to the service ticket, but filling in a fake MachineID, we can easily bypass UAC and gain SYSTEM privileges.

Research:
https://www.tiraniddo.dev/2022/03/bypassing-uac-in-most-complex-way.html

Source:
https://github.com/wh0amitz/KRBUACBypass

#ad #kerberos #uac #bypass
Forwarded from APT
🔒 Protected Users and xfreerdp

By default xfreerdp does not support Kerberos authentication. As such you'll have to recompile it specifying the WITH_GSSAPI option. Also you'll need the libkrb5-dev package to handle TGT/ST requests :)

#ad #kerberos #xfreerdp #redteam
Forwarded from APT
🔐 FreeIPA Rosting (CVE-2024-3183)

A vulnerability recently discovered by my friend @Im10n in FreeIPA involves a Kerberos TGS-REQ being encrypted using the client’s session key. If a principal’s key is compromised, an attacker could potentially perform offline brute-force attacks to decrypt tickets by exploiting the encrypted key and associated salts.

🔗Source:
https://github.com/Cyxow/CVE-2024-3183-POC

#freeipa #kerberos #hashcat #cve

———
Добавляем доклад Миши в вишлист на Offzone 🚶‍♂️
Please open Telegram to view this post
VIEW IN TELEGRAM