Flossin
Arena Tactician
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1
400 XP
KRBUACBypass
This POC is inspired by James Forshaw (https://twitter.com/tiraniddo) shared at BlackHat USA 2022 titled “https://i.blackhat.com/USA-22/Wednesday/US-22-Forshaw-Taking-Kerberos-To-The-Next-Level.pdf ”
By adding a KERB-AD-RESTRICTION-ENTRY to the service ticket, but filling in a fake MachineID, we can easily bypass UAC and gain SYSTEM privileges.
Link:
UAC Bypass By Abusing Kerberos Tickets. Contribute to wh0amitz/KRBUACBypass development by creating an account on GitHub.
github.com
This POC is inspired by James Forshaw (https://twitter.com/tiraniddo) shared at BlackHat USA 2022 titled “https://i.blackhat.com/USA-22/Wednesday/US-22-Forshaw-Taking-Kerberos-To-The-Next-Level.pdf ”
By adding a KERB-AD-RESTRICTION-ENTRY to the service ticket, but filling in a fake MachineID, we can easily bypass UAC and gain SYSTEM privileges.
Code:
[/SIZE] KRBUACBypass.exe asktgs KRBUACBypass.exe krbscm [SIZE=5]Link:
You must upgrade your account or reply in the thread to view hidden text.
UAC Bypass By Abusing Kerberos Tickets. Contribute to wh0amitz/KRBUACBypass development by creating an account on GitHub.