shroud, king of reddit, is now AD red teamer. What a legend!
Awesome talk! There should be a 2024 version now
Great, but can't see the projector screen; please show it in other presentations
Awesome. That's good content for AD pentesting knowledge
Thanks I did not know Shroud knows INFOSEC!
I swear I thought about the same thing lol
lol
xdd
😂 spot on
lmao
This is awesome! Thanks for the great content, I learned so much
it is very basic AD attacks ^^
Great talk and explanations!
I thought you cannot relay hash directly to the Domain Controller, since SMB signing is set to ON by default on DC. How is it you are showing it can be done here?
If your devices are relying on LLMNR to communicate, they are already broken 😂
Can someone help? At 12:57, what does it mean if using FQDN to access something, it will break it?
Using an FQDN to access something refers to specifying the complete domain name for a resource, including the hostname and the domain suffix (e.g., hostname.example.com).
"Break it" is related to LLMNR (look at the example of how he got the NTLM hash).
"Break it" means, in local networks, name resolution when the DNS resolution fails, typically due to DNS server unavailability or misconfiguration. Then LLMNR comes into play.
Try to google how FQDN & LLMNR are related to each other.
Learned a lot! Thanks
still relevant and good!
It would be great if you share the presentation slides here.
With the wpad example were you able to crack the machine account? If so I’d like to see a video showing how that is accomplished in a reasonable amount of time. By default every 30 days Windows boxes change their password.
So you really don't think anyone who can totally understand Kerberos will watch your video😂😅😊