{"uuid": "d20ea43d-e346-481a-803d-56464d663a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3183", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1523", "content": "\ud83d\udd10 FreeIPA Rosting (CVE-2024-3183)\n\nA vulnerability recently discovered by my friend @Im10n in FreeIPA involves a Kerberos TGS-REQ being encrypted using the client\u2019s session key. If a principal\u2019s key is compromised, an attacker could potentially perform offline brute-force attacks to decrypt tickets by exploiting the encrypted key and associated salts.\n\n\ud83d\udd17Source: \nhttps://github.com/Cyxow/CVE-2024-3183-POC\n\n#freeipa #kerberos #hashcat #cve\n\n\u2014\u2014\u2014\n\u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c \u0434\u043e\u043a\u043b\u0430\u0434 \u041c\u0438\u0448\u0438 \u0432 \u0432\u0438\u0448\u043b\u0438\u0441\u0442 \u043d\u0430 Offzone \ud83d\udeb6\u200d\u2642\ufe0f", "creation_timestamp": "2024-08-21T23:42:19.000000Z"}