Overview

Introduction

The Cracking Kerberos module provides you with the instructions and devices to develop your hands-on skills in the following topic:

  • Reading Kerberos credentials

Lab time: It will take approximately 60 minutes to complete this lab.

Exam Objectives

The following objective is covered in this lab:

  • System hacking

Exercise 1 - Reading Kerberos Credentials

Kerberos is a protocol that authenticates the requests between the systems in an untrusted network. It is built into all the major operating systems. It is the default authentication method in Windows operating system. In the earlier versions of Windows operating systems such as Windows XP, there were certain vulnerabilities that could be exploited to crack the Kerberos credentials.

However, with the advent of Windows 10, Kerberos uses virtualization-based security to protect the credentials of the signed-in user’s logon session. Signed-in credentials will not be passed to a remote host in the network.

In this exercise, you will learn how to crack the password of Windows XP device’s Administrator account by exploiting the vulnerability using Metasploit framework. PLABKSRV01 is the attacker device and PLABXP01 is the target or the victim.