BloomTech’s Downfall: A Long Time Coming

Breaking Kerberos' RC4 Cipher and Spoofing Windows PACs

Breaking Kerberos' RC4 Cipher and Spoofing Windows PACs

Black Hat via YouTube Direct link

Introduction

1 of 15
Next

1 of 15

Introduction

Class Central Classrooms beta

YouTube playlists curated by Class Central.

Classroom Contents

Breaking Kerberos' RC4 Cipher and Spoofing Windows PACs

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Introduction
  2. 2 What is Kerberos?
  3. 3 Default supported encryption types
  4. 4 Known weaknesses
  5. 5 Computing MD5 collisions
  6. 6 How to exploit?
  7. 7 A protocol using the broken CHKSUM
  8. 8 PAC authorization data
  9. 9 A small HashClash hack
  10. 10 Step 2: compute collision
  11. 11 Step 3: store collision bytes in scriptPath request PAC again
  12. 12 The problem with MAC-over-MAC
  13. 13 A successful (but limited) exploit
  14. 14 The patches
  15. 15 Black Hat Sound Bytes

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.