coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

GitBook: [#3382] No subject

Browse Source
This commit is contained in:
CPol 2022-08-14 19:26:29 +00:00 committed by gitbook-bot
parent 76cbe2ea5f
commit c5154431b6
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows-hardening/active-directory-methodology/constrained-delegation.md
View File

@ -27,7 +27,7 @@ Using this a Domain admin can **allow** a computer to **impersonate a user or co
This means that if you **compromise the hash of the service** you can **impersonate users** and obtain **access** on their behalf to the **service configured** (possible **privesc**).
Moreover, you **won't only have access to the service that the user is able to impersonate, but also to any service** because the SPN is not being checked, only privileges. Therefore, if you have access to **CIFS service** you can also have access to **HOST service** using `/altservice` flag in Rubeus.
Moreover, you **won't only have access to the service that the user is able to impersonate, but also to any service** because the SPN (the service name requested) is not being checked, only privileges. Therefore, if you have access to **CIFS service** you can also have access to **HOST service** using `/altservice` flag in Rubeus.
Also, **LDAP service access on DC**, is what is needed to exploit a **DCSync**.