Golden Ticket Attack

Info

This note is still in development.

TL;DR¶

A Golden Ticket attack is post-exploitation attack where a compromised and extracted KRBTGT account hash is used to forge Ticket-Granting-Tickets (TGTs), allowing unfettered access to the domain.