Privilege Escalation with Rubeus

After getting initial access to a domain, your job is to escalate privileges to get admin-level access. In this course, you will learn how to use Rubeus to perform two well-known privilege escalation attacks: Kerberoasting and AS-REP Roasting.

One of your main objectives in a red team engagement is getting admin-level access to the domain. Escalating your privileges through vulnerability exploitation is usually difficult in highly-patched environments. In this course, Privilege Escalation with Rubeus, we will explore how to get admin credentials using two well-known attacks against active directory domains: Kerberoasting and AS-REP Roasting. First, you will learn how to harvest hashed credentials using Rubeus to execute a Kerberoasting attack. Then, you will see how to harvest even more hashed credentials using the AS-REP technique. Finally, you will explore how to crack those hashed passwords using Hashcat. This course covers three important tactics from the Mitre Att&ck framework: Access Token Manipulation (T1134), Kerberoasting (T1558.003) and AS-REP Roasting (T1558.004).