
Relaying Kerberos over DNS using krbrelayx and mitm6 by Dir | PT SWARM

Relaying Kerberos over DNS using krbrelayx and mitm6

by Dirk-jan Mollema

In a scenario where an attacker has the ability to spoof a DNS server via DHCPv6 spoofing with mitm6, they can get victim machines to reliably authenticate to them using Kerberos and their machine account. This authentication can be relayed to any service that does not enforce integrity, such as Active Directory Certificate Services (AD CS) HTTP(S)-based enrollment, which in turn makes it possible to execute code as SYSTEM on that host. This technique is faster, more reliable and less invasive than relaying WPAD authentication with mitm6, but it does of course require AD CS to be in use.

Contents:
• Kerberos over DNS
• Abusing DNS authentication
• Changes to krbrelayx and mitm6
• Attack example
• Defenses
• Mitigating mitm6
• Mitigating relaying to AD CS
• Tools

https://dirkjanm.io/relaying-kerberos-over-dns-with-krbrelayx-and-mitm6