THREATOPS
THREAT OPSThreat News › Exploring cross-domain & cross-forest RBCD: part 2

Exploring cross-domain & cross-forest RBCD: part 2

lowsynacktiv

Kerberos delegation capabilities in Linux-based tooling have been extended to allow impersonating any user within a forest. This assumed identity can then be leveraged to access resources across any domain within that forest, or even in a remote forest, provided that a trust relationship exists and appropriate delegation rights are configured. This article provides a deep dive into recursive Kerbe

Original source: https://www.synacktiv.com/en/publications/exploring-cross-domain-cross-forest-rbcd-part-2.html