Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain)At Black Hat USA 2015 this summer (2015), I spoke about the danger in having Kerberos Unconstrained Delegation configured in the environment. When Active Directory was first released with Windows 2000 Server, Microsoft had to provide a simple mechanism to support scenarios where a user authenticates… 重點在於When the user's service ticket(TGS) is provided to the server for service access, the server opens...

https://netsec.expert/posts/write-a-crypter-in-any-language/ https://gist.github.com/ctigeek/2a56648b923d198a6e60