Diamond Ticket Attacks - Abusing Kerberos Trust
Diamond Ticket Attacks - Abusing Kerberos Trust
Introduction
The Diamond Ticket attack is an advanced method of privilege escalation in an Active Directory environment, using miscofigurations in the Kerberos Authentication and authorization mechanisms and the PACs (Privilege Attribute Certificates).
Kerberos Authentication
Ticket Structure
What is PAC?
Prerequisites
Diamond Ticket - From Linux (Remote)
Diamond Ticket - From Windows (Local)
This post is licensed under CC BY 4.0 by the author.