Threat Intel Flash Briefing - Kerberos Relaying to Local SYSTEM Artwork

The Cyber Threat Perspective

Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics.

brad@securit360.com

All Episodes

The Cyber Threat Perspective

Threat Intel Flash Briefing - Kerberos Relaying to Local SYSTEM

April 27, 2022 • Offensive Security - SecurIT360 • Season 99 • Episode 1

There exists a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings). Thanks to the research and open source tools of several researchers, it's now trivial to elevate to SYSTEM on most Windows Operating Systems.

Resources:
https://github.com/Dec0ne/KrbRelayUp
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
https://github.com/cube0x0/KrbRelay
https://github.com/Dec0ne/KrbRelayUp

Social:
https://twitter.com/cyberthreatpov
https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com