Persistence - Golden Ticket Attack

Home Blog


Golden ticket attacks are really common and has a really long shelf life. I think the hardest part is obtaining Domain Administrator privleges first. Once this is done, an attacker can do anything! Spending more time on this course makes me think more and more like an attacker, which is a good thing!

Perisistence is such a big subject on its own. If the Domain Administrator is comprimised, and the Blue team finds out and changes the password. The attacker would have created multiple backdoors on the system so that when the Domain Administrator pathyway is patched up, the attackers will still have multiple ways of entering.

Again, this is under the assumption that the Domain Administrator account has been comprimised. Hope you enjoy the video and learned something new.

Click here for a video demonstration on the Golden Ticket Attack.