Golden Ticket Attack
A Golden Ticket is a forged Kerberos TGT (Ticket Granting Ticket) created using the KRBTGT account's NT hash. With it, an attacker can impersonate any user in the domain - including Domain Admins - and access any service for years.
Attack State
Attacker
PASSIVE
KDC
RUNNING
Golden Ticket Details
Forged User
-
Groups
-
Domain SID
-
Ticket Lifetime
-
Access Level
Privilege
-
Scope
-
Event Log