creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 21:54:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/exploiting-constrained-delegation-abuse/references/workflows.md
T

723 B
Raw Blame History

Workflows - Constrained Delegation Abuse

S4U Attack Chain

1. Enumerate → findDelegation.py or PowerView
2. Obtain account credentials → password, hash, or TGT
3. S4U2self → Request ticket as target user to compromised service
4. S4U2proxy → Forward ticket to delegated service (CIFS/LDAP/HTTP)
5. Access → Use ticket for privileged access to target service
6. Escalate → DCSync via LDAP or file access via CIFS

Alternate Service Name Workflow

1. Delegation configured for: CIFS/DC01.domain.local
2. Request S4U ticket for CIFS as administrator
3. Modify SPN in ticket to LDAP/DC01.domain.local
4. Use modified ticket for DCSync (secretsdump.py -k)
5. Full domain compromise achieved
Reference in New Issue View Git Blame Copy Permalink