Completed
Default supported encryption types
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Breaking Kerberos' RC4 Cipher and Spoofing Windows PACs
Automatically move to the next video in the Classroom when playback concludes
- 1 Introduction
- 2 What is Kerberos?
- 3 Default supported encryption types
- 4 Known weaknesses
- 5 Computing MD5 collisions
- 6 How to exploit?
- 7 A protocol using the broken CHKSUM
- 8 PAC authorization data
- 9 A small HashClash hack
- 10 Step 2: compute collision
- 11 Step 3: store collision bytes in scriptPath request PAC again
- 12 The problem with MAC-over-MAC
- 13 A successful (but limited) exploit
- 14 The patches
- 15 Black Hat Sound Bytes