Password spraying is a well-known technique which consists of testing the same password on several accounts, in the hope that it will work for one of them. This technique is used in many different contexts: web applications, the cloud, services like SSH and FTP, and many others. It’s also widely used in internal penetration testing with Active Directory. It’s the latter that we’re going to focus on, because although the technique seems simple, it’s not easy to put it into practice wit...| hackndo
A large proportion of decentralised applications use tokens to function properly. These are tokens that are created on an existing blockchain using smart contracts. So, with the help of a smart contract.| hackndo
All data recorded by a smart contract is stored on the blockchain, and can thus be read by everyone. If any sensitive data is recorded by a smart contract, an attacker will be able to read it.| hackndo
The Ethereum Virtual Machine (EVM) is a virtual machine used to manage transactions on the Ethereum blockchain via smart contracts. It’s an essential component of Ethereum, which we’re going to try and understand together.| hackndo
With Ethereum, in addition to users sending transactions to transfer cryptocurrencies, it is possible to create small programs, smart contracts, which live on the blockchain, allowing decentralized code execution.| hackndo
A blockchain represents a decentralized register (or database). There is no central entity deciding whether a transaction is valid or not, but rather thousands of people or machines working to verify and validate these transactions, all governed by precise mathematical rules and concepts.| hackndo
In order to allow a service to access another service on behalf of the user, Kerberos Delegation has been implemented.| hackndo
This article aims to explain the Kerberoasting attack principle, based on the TGS request and the SPN attributes of Active Directory accounts.| hackndo
When asking for a TGT, a user has to preauthenticate to the domain controller in order to get a response. If preauthentication is disabled, this account is vulnerable to an AS_REP roasting attack.| hackndo
NTLM relay is a technique that consists of standing between a client and a server to perform actions on the server while impersonating the client. Protections such as SMB signing or MIC limit what an attacker can do. This article goes into detail about this technique to understand how it works and what its limits are.| hackndo