I thought you cannot relay hash directly to the Domain Controller, since SMB signing is set to ON by default on DC. How is it you are showing it can be done here?
FQDN to access something refers to specifying the complete domain name for a resource, including the hostname and the domain suffix (e.g., hostname.example.com) "break it" is related to LLMNR. ( look at the example how he got the NTLM hash. break it means in local networks for name resolution when the DNS resolution fails, typically due to DNS server unavailability or misconfiguration. then the LLMNR coming up to play. try to google how FQDN & LLMNR related to each other.
With the wpad example were you able to crack the machine account? If so I’d like to see a video showing how that is accomplished in a reasonable amount of time. By default every 30 days Windows boxes change their password.
still relevant and good!
Learned a lot! Thanks
Great talk and explanations!
Great but cant see the projector screen, please show it in other presentations
Thanks I did not know Shroud knows INFOSEC!
i swear i thot abt the same thing lol
lol
xdd
😂 spot on
Awesome. Thats a good content for AD pentesting knowledge
This is awesome! Thanks for the great content, I learned so much
it is very basic AD attacks ^^
If your devices are relying on LLMNR to communicate, they are already broken 😂
I thought you cannot relay hash directly to the Domain Controller, since SMB signing is set to ON by default on DC. How is it you are showing it can be done here?
Can someone help? At 12:57, what does it mean if using FQDN to access something, it will break it?
FQDN to access something refers to specifying the complete domain name for a resource, including the hostname and the domain suffix (e.g., hostname.example.com)
"break it" is related to LLMNR. ( look at the example how he got the NTLM hash.
break it means in local networks for name resolution when the DNS resolution fails, typically due to DNS server unavailability or misconfiguration. then the LLMNR coming up to play.
try to google how FQDN & LLMNR related to each other.
It would be great if you share the presentation slides here.
With the wpad example were you able to crack the machine account? If so I’d like to see a video showing how that is accomplished in a reasonable amount of time. By default every 30 days Windows boxes change their password.
So you really don't think anyone can totally understand kerberos will watch your video😂😅😊