Kerberos is a computer network authentication protocol used in Active Directory. This post explores Kerberos from the ground up, through to its key attack surfaces. We cover the authentication flow and dissect techniques such as Kerberoasting, AS-REP roasting, Pass-the-Ticket, Overpass-the-Ticket, Golden, Silver, and Diamond ticket attacks.
Why Does Kerberos Exist?
Before Kerberos, network authentication meant sending a password or a weak NTLM hash. Anyone within the same network segment could sniff this and impersonate the user.
Kerberos aims to fix this by letting clients prove who they are without exposing the password, using encrypted, time-limited tickets issued by a trusted authority.
I’m going to sleep and shall continue this tomorrow :D