You are conducting a penetration test against an organization's Windows network. You have dumped the hash of their krbtgt account from the server's memory and used it to create golden tickets. Which of the following types of privilege escalation have you performed?
The correct answer is B) Kerberoasting.
Kerberoasting: In a Windows network, the krbtgt account is a key component of the Kerberos authentication process. By dumping the hash of the krbtgt account from the server's memory and creating golden tickets, you are essentially exploiting the Kerberos authentication protocol. Kerberoasting is the process of extracting service account ticket hashes from the Ticket Granting Service (TGS), and in this case, you're using the krbtgt account hash to create a golden ticket, which allows you to impersonate any user, including privileged accounts. This is a method of privilege escalation because it grants the attacker unrestricted access to the network resources, bypassing normal authentication.
Why the others are incorrect:
DLL hijacking: DLL hijacking is a method where an attacker places a malicious DLL file in a location where a legitimate process will load it. This is typically used to escalate privileges in a local environment, but it is not related to the creation of golden tickets or Kerberos attacks.
Insecure sudo: Insecure sudo refers to a situation in Unix/Linux environments where an unprivileged user has the ability to run certain commands with elevated privileges via the sudo command. This is not related to Windows or Kerberos and does not apply to the creation of golden tickets.
cPassword extraction: cPassword is a registry key used in older versions of Windows (prior to Windows 10) to store credentials for encrypted services. Extracting cPassword would be a method of credential extraction, but it does not involve creating golden tickets or exploiting the Kerberos protocol.