Glad to finally get my AS-REQ research out there. @Microsoft decided requesting ST's from the AS was by design so here's a couple of ways to Kerberoast without any creds and bypass detections based on 4769's
Glad to finally get my AS-REQ research out there. @Microsoft decided requesting ST's from the AS was by design so here's a couple of ways to Kerberoast without any creds and bypass detections based on 4769's
@exploitph Very nice work, well done! Love the ingenuity :)
@exploitph @Microsoft Really great stuff Charlie!
@exploitph @snovvcrash @Microsoft Really awesome stuff! Nice work :)
@exploitph @Microsoft Works perfectly ! Thank you 🙏
@exploitph @Microsoft Awesome work Charlie, well done! New attack paths will be imagined through the findings you’re reporting 👏
@exploitph @Microsoft I want to know your secret!!! How did you manage to install FAST? Every time I enable it it breaks my hosts...
@exploitph @Microsoft The attack looks great! And finally STs are called STs and not “TGS Tickets” 😆
@exploitph @Microsoft That was a very cool read, thanks for sharing
@exploitph @Microsoft Congratulations ! I devoured this article. Thanks for your work ! Can't wait to read more about it. 😉
@exploitph @snovvcrash @Microsoft Does this mean you can potentially conduct a Kerberoast attack without the 4769 event generated