Description

Due to the operation of the Kerberos service it is possible to extract krbtgs hashes of users within the domain.

Impact

Obtain users hashes.

Recommendation

Configure a logger to alert Kerberoast attacks.

Threat

Unauthorized domain user with valid credentials in the internal network.

Expected Remediation Time

⏱️ 120 minutes.

Requirements

Fixes