URL details: eladshamir.com/2021/06/21/Shadow-Credentials.html
URL title:
Shadow Credentials: Abusing Key Trust Account Mapping for Account Takeover | Elad Shamir
URL description:
The techniques for DACL-based attacks against User and Computer objects in Active Directory have been established for years. If we compromise an account that has delegated rights over a user account, we can simply reset their password, or, if we want to be less disruptive, we can set an SPN or disable Kerberos pre-authentication and try to roast the account. For computer accounts, it is a bit more complicated, but RBCD can get the job done. These techniques have their shortcomings: Resetting a user’s passwo
URL last crawled:
2022-06-20
URL speed:
1.030 MB/s,
downloaded in 0.030 seconds
We found no external links pointing to this url.