This scenario serves as a guide on how to:
– Abuse user-managed Windows service accounts that use weak passwords to compromise Active Directory environments.
– Use a technique known as Kerberoasting to crack passwords offline.
– Understand the techniques of performing security assessments to identify Active Directory misconfigurations during penetration testing engagements.
OBJECTIVES AND OUTCOME:
After completing this scenario, you will be able to:
– Understand how user-managed Windows service accounts that use weak passwords can be abused.
To get the full benefit from this scenario, it is suggested that you have competencies in the following areas:
– Windows domains.
It is suggested that you consult these recommended reading resources and pre-existing scenarios:
This scenario was created by Simon Loizides.