Kerberos Tickets

AGolden Ticket is a self-generated Kerberos ticket. It's most common to forge a Golden Ticket with Domain Administrator rights

Go to [beacon] -> Access -> Golden Ticket to forge a Golden Ticket from Cobalt Strike. Provide the following pieces of information and Cobalt Strike will use mimikatz to generate a ticket and inject it into your kerberos tray:

1) The user you want to forge a ticket

2) The domain you want to forge a ticket for

3) The domain's SID

4) The NTLM hash of the krbtgt user on a domain controller

Use kerberos_ticket_use [/path/to/ticket] to inject a Kerberos ticket into the current session. This will allow Beacon to interact with remote systems using the rights in this ticket.

Use kerberos_ticket_purge to clear any Kerberos tickets associated with your session.