CRTP (Certified Red Team Professional)
{Session3}
kerberos attacks(persistence):
- custom SSP(security support provider)
- AdminSDHolder with ACL
- Rights Abuse
- Security Descriptors
custom SSP(security support provider):-
it’s a dll that allows the application to obtain an authenticated connection.
SSP packeges:-
- NTLM
- Kerberos
- Wdigest
- CredSSP
Mimikatz provides SSP that logs local logons service account and machine accounts passwords in clear text.
AdminSDHolder with ACL:-
used to control permissions for protected groups and it’s in system container.
Rights Abuse:-
Lab manual Learning Object 12:-
End of Learning Object 12
Security Descriptors:-
WMI:-
Powershell Remoting:-
Remote Registry:-
Lab manual Learning Object 13:-
End of Learning Object 13
Privilege Escalation//:
- kerberoast
- Targeted kerberoasting -As-REPs
- Targeted kerberoasting -Set SPN
- Kerberos Delegation
- Unauthorized Delegation
- Constrained Delegation
kerberoast:-
Lab manual Learning Object 14:-
End of Learning Object 14
Targeted kerberoasting -As-REPs:-
Targeted kerberoasting -Set SPN:-
Kerberos Delegation:-
Unauthorized Delegation:-
Printer Bug:-
Coercer:-
Lab manual Learning Object 15:-
End of Learning Object 15
Constrained Delegation:-
Protocol Transition:-
Lab manual Learning Object 16:-
End of Learning Object 16
Resource based Constrained Delegation:-
Lab manual Learning Object 17:-
End of Learning Object 17
End of module3
Created On 12ed, January 2024
Edited on 12ed, January 2024
