January 2019
Intermediate to advanced
548 pages
12h 7m
English
Another set of more sophisticated (and more recent) attacks is the abuse of Microsoft Kerberos vulnerabilities in an Active Directory environment. A successful attack leads to attackers compromising domain controllers and then escalating the privilege to the enterprise admin-and schema admin-level using the Kerberos implementation.
The following are typical steps when a user logs on with a username and password in a Kerberos-based environment: