3 writeups tagged with Kerberos
Custom .NET info collector binary contains obfuscated LDAP password. GenericAll on DC via Resource-Based Constrained Delegation for Domain Admin.
Network printer admin panel LDAP credential exfiltration via attacker-controlled server. Server Operators group membership for domain privilege escalation.
ASREPRoasting on user names enumerated from the bank website. DCSync attack via GenericAll rights for Domain Admin hash dump.
