Menu

french flag

Ethereum Virtual Machine

Ethereum Virtual Machine

Ethereum Virtual Machine (EVM) is a virtual machine used to manage transactions on the Ethereum blockchain via smarts contracts. It’s an essential component of Ethereum, which we’re going to try and understand together.


Read more →

Ethereum

Ethereum

Unlike blockchains such as Bitcoin, which essentially allow Bitcoin cryptocurrency transactions to be sent, Ethereum also has something quite extraordinary: decentralized code execution.

Yes, decentralized. This means that we can write a program, code that is, and have it run not on one server, but on thousands of servers, or nodes. And the output of our program is also recorded in a decentralized way. I don’t know about you, but I think it’s incredible, and it really made me want to dig a little deeper into the subject.


Read more →

Blockchain 101

Blockchain 101

For several years now, I’ve been interested in a subject you’ve probably heard of: blockchains. I find it fascinating that a technology allows thousands of people to agree on so many subjects without the need for an intermediary. Decentralization is a subject that I believe has a lot of potential, and we’ll see in the long term whether this technology will endure or not. In any case, as it stands, it’s a hot topic! More recently, I’ve become interested in the Ethereum blockchain, smart contracts, and the security of smart contracts. We’re going to talk about all that here, here we go.


Read more →

Kerberos Delegation

Kerberos Delegation

Within an Active Directory, services can be used by users. Sometimes these services need to contact others, on behalf of the user, like a web service might need to contact a file server. In order to allow a service to access another service on behalf of the user, a solution has been implemented (introduced in Windows Server 2000) to meet this need : Kerberos Delegation.


Read more →

NTLM Relay

NTLM Relay

NTLM relay is a technique of standing between a client and a server to perform actions on the server while impersonating the client. It can be very powerful and can be used to take control of an Active Directory domain from a black box context (no credentials). The purpose of this article is to explain NTLM relay, and to present its limits.


Read more →

Kerberoasting

Kerberoasting

With the help of previously discussed notions, we have everything in hand to explain the Kerberoasting attack principle, based on the TGS request and the SPN attributes of Active Directory accounts.


Read more →

AS_REP Roasting

AS_REP Roasting

When asking for a TGT, by default, a user has to authenticate himself to the domain controller in order to get a response. Sometimes, no authentication is asked before returning a TGT for specific account, allowing an attacker to abuse this configuration.


Read more →

Service Principal Name (SPN)

Service Principal Name (SPN)

This article focuses on SPN (Service Principal Names) in order to understand what they are and how they are used.


Read more →