Forged tickets

Silver and Golden tickets are forged Kerberos tickets that can be used with pass-the-ticket to access services in an Active Directory domain.

• When one of krbtgt's Kerberos keys is known, a golden ticket attack can be conducted to keep privileged access until that account's password is changed.

• Let service be an account in charge of various services indicated in its ServicePrincipalNames attribute, when one of service's Kerberos keys is known, a silver ticket attack can be conducted to keep privileged access to those managed services until that account's password is changed.