Breaking Kerberos' RC4 Cipher and Spoofing Windows PACs

Offered By: Black Hat via YouTube

Course Description

Overview

Explore the vulnerabilities in Kerberos' RC4 cipher and learn how to spoof Windows PACs in this 41-minute Black Hat conference talk. Dive into the Active Directory implementation of Kerberos, focusing on the deprecated but still widely used RC4 encryption type. Discover how the speaker identified a flaw in RC4's implementation and the challenges of turning this cryptographic weakness into a practical attack. Examine topics such as overpass-the-hash attacks, Kerberoasting, and the computation of MD5 collisions. Follow the step-by-step process of exploiting the vulnerability, including PAC authorization data manipulation and collision byte storage. Gain insights into the limitations of the exploit and the subsequent patches implemented to address these security concerns.

Syllabus

Introduction
What is Kerberos?
Default supported encryption types
Known weaknesses
Computing MD5 collisions
How to exploit?
A protocol using the broken CHKSUM
PAC authorization data
A small HashClash hack
Step 2: compute collision
Step 3: store collision bytes in scriptPath, request PAC again
The problem with MAC-over-MAC
A successful (but limited) exploit
The patches
Black Hat Sound Bytes


Taught by

Black Hat
