TARGETED AS-REP ROASTING
Targeted AS-REP roasting is also known as Set-SPN attack
Checking "GenericAll" or "GenericWrite" permission on ACL to modify the SPN
Attacker should be a part of any AD object same as Victim
Enumerating whether the Victim has SPN
Forcefully setting SPN for the Victim
Verifying once, whether SPN is set or not
Requesting a new TGS for the SPN we set manually
Requesting a new TGS to the service from an user account
PowerView
Active Directory Module
Verifying tickets using klist
CRACK
Last updated