Privilege Escalation - Silver Ticket Attack

Home Blog


In this entry, I'll demonstrate a Silver Ticket attack. Interesting thing about this attack is that you don't need high valued credentials to be able to do this. Any computer account can be dumped and be used to forge a Silver TGS. Another great thing about this is that it does not communicate with the KDC. Which means that it is much harder to detect vs the Golden Ticket attack.

I love this because computer accounts hashs are easy to obtain. From here, we can do ninja things like catching a reverse shell by scheduling tasks or even enabling PSRemoting on the sever as Administrator. I hope you enjoy this video

Click here for a video demonstration on the Silver Ticket attack