Kerberos is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
Protocol used for authentication in a Windows domain. Cracks passwords for remote service accounts without sending a single packet to the service. Rewrites tickets to escalate permissions impersonating any user or pretending to be in a known group.
In a Microsoft AD domain, the main authentication mechanism is Kerberos.
Kerberos is a network authentication protocol based on tickets. The protocol allows 2 parties (a client and a server for example) to authenticate to each other over an insecure network channel, provided that both parties trust a third party; the Kerberos server!
The main components of a Kerberos transaction are:
- The KDC (Key Distribution Center)
- The client requesting access
- The service the client is attempting to obtain access to
While Kerberos, is the preferred mechanism, Windows will revert to NTLMv2 if Kerberos is not available (unless explicitly disabled).
