Kerberoasting
a day ago
- #Microsoft
- #Cybersecurity
- #Kerberos
- Kerberoasting is an attack that exploits cryptographic weaknesses in Microsoft's Active Directory (AD).
- AD uses the Kerberos protocol, which dates back to 1989, and still supports outdated cryptography like RC4 and unsalted NT hashes.
- Because a service ticket is encrypted under the service account's key, an attacker who obtains one can run an offline dictionary attack against that account's password; this succeeds when the password is human-generated and weak.
- Microsoft's recommendations for mitigating Kerberoasting include automated key assignment (managed service accounts), strong passwords, and disabling RC4, but none of these is enforced proactively.
- The persistence of such vulnerabilities in 2024 highlights systemic issues in both administrative practices and Microsoft's legacy system management.
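Since none of the mitigations above is enforced for you, a defender's practical check is to watch for the pattern in the domain controller's security log. The following is an added example, not code from the original note or from Microsoft: it runs a detection over constructed Windows Event ID 4769 ("A Kerberos service ticket was requested") records. The field names (`TargetUserName`, `ServiceName`, `TicketEncryptionType`, `Status`, `IpAddress`) are the real EventData names of that event and `0x17` is the real code for RC4-HMAC, but every value below is made up for the example. It flags a principal that obtains RC4 tickets for several distinct service accounts in a short window, and also inventories which service accounts are still being issued RC4 tickets, which is the list to fix with AES-only encryption settings or managed (random) passwords.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Kerberos encryption-type codes as logged in the TicketEncryptionType field of Event 4769
RC4_HMAC = 0x17       # rc4-hmac: the ticket key is the unsalted NT hash of the account password
AES128_SHA1 = 0x11
AES256_SHA1 = 0x12

# Constructed sample of Event 4769 records. Field names follow the event's EventData;
# the values (users, services, addresses, times) are invented for this example.
SAMPLE_EVENTS = [
    {"TimeCreated": "2024-10-01T09:00:01", "TargetUserName": "jdoe@CORP.EXAMPLE",
     "ServiceName": "svc-sql", "TicketEncryptionType": "0x17", "Status": "0x0", "IpAddress": "10.0.0.25"},
    {"TimeCreated": "2024-10-01T09:00:02", "TargetUserName": "jdoe@CORP.EXAMPLE",
     "ServiceName": "svc-web", "TicketEncryptionType": "0x17", "Status": "0x0", "IpAddress": "10.0.0.25"},
    {"TimeCreated": "2024-10-01T09:00:03", "TargetUserName": "jdoe@CORP.EXAMPLE",
     "ServiceName": "svc-backup", "TicketEncryptionType": "0x17", "Status": "0x0", "IpAddress": "10.0.0.25"},
    {"TimeCreated": "2024-10-01T09:00:04", "TargetUserName": "jdoe@CORP.EXAMPLE",
     "ServiceName": "krbtgt", "TicketEncryptionType": "0x17", "Status": "0x0", "IpAddress": "10.0.0.25"},
    {"TimeCreated": "2024-10-01T09:00:05", "TargetUserName": "jdoe@CORP.EXAMPLE",
     "ServiceName": "FS01$", "TicketEncryptionType": "0x17", "Status": "0x0", "IpAddress": "10.0.0.25"},
    {"TimeCreated": "2024-10-01T09:15:00", "TargetUserName": "asmith@CORP.EXAMPLE",
     "ServiceName": "svc-sql", "TicketEncryptionType": "0x12", "Status": "0x0", "IpAddress": "10.0.0.40"},
    {"TimeCreated": "2024-10-01T09:16:00", "TargetUserName": "asmith@CORP.EXAMPLE",
     "ServiceName": "svc-web", "TicketEncryptionType": "0x17", "Status": "0x0", "IpAddress": "10.0.0.40"},
    {"TimeCreated": "2024-10-01T09:17:00", "TargetUserName": "bjones@CORP.EXAMPLE",
     "ServiceName": "svc-web", "TicketEncryptionType": "0x17", "Status": "0xC", "IpAddress": "10.0.0.41"},
]


def parse_enctype(value):
    """TicketEncryptionType is logged as a hex string ("0x17"); accept ints too."""
    return int(value, 16) if isinstance(value, str) else int(value)


def is_rc4_service_ticket(event):
    """True for a successful RC4 ticket issued for a user-style service account.
    Machine accounts (name ends in '$') and krbtgt have long random keys, so RC4
    tickets for them are not crackable offline and would only add noise."""
    if event["Status"] != "0x0":
        return False
    if parse_enctype(event["TicketEncryptionType"]) != RC4_HMAC:
        return False
    svc = event["ServiceName"]
    return not svc.endswith("$") and svc.lower() != "krbtgt"


def detect_kerberoasting(events, min_services=3, window=timedelta(minutes=5)):
    """Report each principal that obtained RC4 service tickets for at least
    `min_services` distinct service accounts inside any `window`-long interval.
    Returns a list of finding dicts (user, ip, services, first, last)."""
    by_user = defaultdict(list)
    for ev in events:
        if is_rc4_service_ticket(ev):
            by_user[ev["TargetUserName"]].append(ev)

    findings = []
    for user, evs in by_user.items():
        evs.sort(key=lambda e: e["TimeCreated"])
        times = [datetime.fromisoformat(e["TimeCreated"]) for e in evs]
        start, best = 0, None
        for end in range(len(evs)):            # sliding window over this user's requests
            while times[end] - times[start] > window:
                start += 1
            services = sorted({e["ServiceName"] for e in evs[start:end + 1]})
            if len(services) >= min_services and (best is None or len(services) > len(best["services"])):
                best = {"user": user, "ip": evs[end]["IpAddress"], "services": services,
                        "first": evs[start]["TimeCreated"], "last": evs[end]["TimeCreated"]}
        if best:
            findings.append(best)
    return findings


def rc4_service_accounts(events):
    """Service accounts that were issued any RC4 ticket: candidates for an AES-only
    msDS-SupportedEncryptionTypes value or migration to a managed service account."""
    return sorted({e["ServiceName"] for e in events if is_rc4_service_ticket(e)})


if __name__ == "__main__":
    for f in detect_kerberoasting(SAMPLE_EVENTS):
        print(f"{f['user']} from {f['ip']} obtained RC4 tickets for {f['services']} "
              f"between {f['first']} and {f['last']}")
    print("service accounts still issued RC4 tickets:", rc4_service_accounts(SAMPLE_EVENTS))
```

The threshold and window are tuning knobs: a user who legitimately touches many services will trip a low threshold, while a slow, spread-out collection of tickets evades a short window, so pair this rule with the inventory function, which tells you which accounts would still be exposed regardless of who asks.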