Reply to post: Not as bad as it sounds surely?

Windows' authentication 'flaw' exposed in detail

PhilPotter

Not as bad as it sounds surely?

If I'm reading the linked blog post correctly, this isn't as bad as it sounds surely? To get the krbtgt account password, you need admin level access to a DC, remotely or otherwise. Also, to read cached tickets of other users on same machine, you need admin level access again - local machine or otherwise.

Whilst a problem admittedly, in a network where there are only one or two admins anyway, then as long as their accounts are not compromised, this attack can't happen. Am I right?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019