Threat Intel Flash Briefing - Kerberos Relaying to Local SYSTEM - podcast episode cover

Threat Intel Flash Briefing - Kerberos Relaying to Local SYSTEM

The Cyber Threat Perspective
Apr 27, 202224 minSeason 99Ep. 1
--:--
--:--
Listen in podcast apps:
Metacast
Spotify
Youtube
RSS

Episode description

There exists a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings). Thanks to the research and open source tools of several researchers, it's now trivial to elevate to SYSTEM on most Windows Operating Systems.

Resources:
https://github.com/Dec0ne/KrbRelayUp
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
https://github.com/cube0x0/KrbRelay
https://github.com/Dec0ne/KrbRelayUp

Social:
https://twitter.com/cyberthreatpov
https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Spencer's Twitter: https://x.com/techspence
Spencer's LinkedIn: https://linkedin.com/in/SpencerAlessi

Work with Us: https://securit360.com

Threat Intel Flash Briefing - Kerberos Relaying to Local SYSTEM | The Cyber Threat Perspective podcast - Listen or read transcript on Metacast