Privilege Escalation with Rubeus
Offered By: Pluralsight
Course Description
Overview
After getting initial access to a domain, your job is to escalate privileges to get admin-level access. In this course, you will learn how to use Rubeus to perform two well-known privilege escalation attacks: Kerberoasting and AS-REP Roasting.
One of your main objectives in a red team engagement is getting admin-level access to the domain. Escalating your privileges through vulnerability exploitation is usually difficult in highly-patched environments. In this course, Privilege Escalation with Rubeus, we will explore how to get admin credentials using two well-known attacks against active directory domains: Kerberoasting and AS-REP Roasting. First, you will learn how to harvest hashed credentials using Rubeus to execute a Kerberoasting attack. Then, you will see how to harvest even more hashed credentials using the AS-REP technique. Finally, you will explore how to crack those hashed passwords using Hashcat. This course covers three important tactics from the Mitre Att&ck framework: Access Token Manipulation (T1134), Kerberoasting (T1558.003) and AS-REP Roasting (T1558.004).
One of your main objectives in a red team engagement is getting admin-level access to the domain. Escalating your privileges through vulnerability exploitation is usually difficult in highly-patched environments. In this course, Privilege Escalation with Rubeus, we will explore how to get admin credentials using two well-known attacks against active directory domains: Kerberoasting and AS-REP Roasting. First, you will learn how to harvest hashed credentials using Rubeus to execute a Kerberoasting attack. Then, you will see how to harvest even more hashed credentials using the AS-REP technique. Finally, you will explore how to crack those hashed passwords using Hashcat. This course covers three important tactics from the Mitre Att&ck framework: Access Token Manipulation (T1134), Kerberoasting (T1558.003) and AS-REP Roasting (T1558.004).
Taught by
Ricardo Reimao
Related Courses
Network SecurityGeorgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent