Too Long; Didn't Read
Lets talk about some old security here. Kerberos! This is a couple years old but sadly still works. Kerberos is the authentication system for windows and ad networks. There is an exploit that allows us to get back a poorly encrypted hash of valuable logins all directly from the domain controller, this is done once you have an authenticated user, so it isn’t the main way in but once you have a foothold you can pivot to a more useful account. Lets have a brief breakdown of how kerberos works, borrowed from <a href="https://adsecurity.org/?p=3458" target="_blank">https://adsecurity.org/?p=3458</a>