Domain Dominance and Persistence

ON THIS SECTION WE WILL LEARN ABOUT 3 TECHNIQUES 1. GOLDEN TICKET , 2. SILVER TICKET AND 3. SKELETON KEY GOLDEN TICKET: A golden ticket is a special token that is created by penetration testers using the Security Identifier (SID) of the domain, the domain name, and the NTLMv1 hash of the Kerberos TGT. The golden ticket allows a penetration tester to gain access to any device within the domain by performing PTT(Pass The Ticket). This is possible because the golden ticket is encrypted using the hash of the Kerberos TGT account, which is the built-in krbtgt account on Active Directory. However, the golden ticket is not digitally signed by the krbtgt account hash but is encrypted only. This golden ticket allows anyone to impersonate any user with the privileges associated with the impersonated user on systems within the domain. To make this type of attack even more awesome, imagine that changing the password for the krbtgt account has zero effect on mitigating this attack on Active Directory. ...

November 24, 2025 · 4 min · 844 words · 0x-s0M3n4th