Kerberos Silver Ticket Attack Explained

Here are the previous videos I mentioned:
Kerberos explained: ua-cam.com/video/snGeZlDQL2Q/v-deo.html
Kerberoasting: ua-cam.com/video/xH5T9-m9QXw/v-deo.html
Golden ticket attack: ua-cam.com/video/o98_eRt777Y/v-deo.html
Tools I mentioned:
Rubeus: github.com/GhostPack/Rubeus
The Rubeus GUI I'm working on: github.com/VbScrub/Rubeus-GUI
My GetDomainSID tool: github.com/VbScrub/GetDomainSID

you don't know how much I appreciate your content, it's amazing... not only your way of explaining but the simplicity with which you do it, thanks Vbscrub!

Good explanation, thanks! Also your voice and video editing is chilling and enjoyable.

Good to see you back VBScrub!

im learning to the oscp exam, and your realy helping me ty so much i realy love they way you explain!

By the way, your videos about windows are amazing,.

Welcome back, mate!

This video is not in the tutorials playlist of yours.
Thanks for all the videos!

Awesome stuff!

Welcome back!

Very informative, If you can complete the gui tool on the golden ticket , that’s something cool

thanks, very helpful

thank you

helpful for your new box thanks :p

Is that something that you found regularly during assessments? (User accounts with weak passwords instead of GMSA)

i tested this method but i couldn't access to plain text with hashcat has it another way to access to silver ticket without hash crack?

If I am able to crack the service account hash via kerberoasting and authenticate to the sqlservice, what's the purpose of creating a "fake account" that enable us to log in into the sql service?

Thx

I tried to reproduce the steps you did in this video but I cannot login from remote computer. Did you use stock MSSQL configuration or you had to setup MSSQL?

Would you tell us a machine in HTB that can apply the knowledge learn in this video ?

Easy way to find sid "whoami /user" good explanation though