Most large enterprises regularly change their Kerberos passwords. Small- to medium-sized businesses, however, might not have changed them since implementing their domain infrastructure. When an attacker wiggles into a network, they can use the golden ticket attack sequence. Active Directory (AD) uses the KRBTGT in the AD domain for Kerberos tickets. If the KRBTGT account password hash is stolen or broken with an attack, the attackers can then grant themselves full access to your network with the necessary authentication.

To read this article in full, please click here

(Insider Story)

By admin