Tag Archives: Kerberoast

Kerberoast : Kerberoast Attack -Pure Python-

Kerberoast attack toolkit -pure python Install pip3 install kerberoast Prerequirements Python 3.6 See requirements.txt For the impatient IMPORTANT: the accepted target url formats for LDAP and Kerberos are the following<ldap_connection_url> : <protocol>+<auth-type>://<domain>\<user>:<password>@<ip_or_hostname>/?<param1>=<value1><kerberos_connection_url>: <protocol>+<auth-type>://<domain>\<user>:<password>@<ip_or_hostname>/?<param1>=<value1> Steps -with SSPI-: kerberoast auto <DC_ip> Steps -SSPI not used-: Look for vulnerable users via LDAPkerberoast ldap all <ldap_connection_url> -o ldapenum Use ASREP roast against users …

Continue reading “Kerberoast : Kerberoast Attack -Pure Python-“

targetedKerberoast : Kerberoast With ACL Abuse Capabilities

targetedKerberoast is a Python script that can, like many others (e.g. GetUserSPNs.py), print “kerberoast” hashes for user accounts that have a SPN set. This tool brings the following additional feature: for each user without SPNs, it tries to set one (abuse of a write permission on the servicePrincipalName attribute), print the “kerberoast” hash, and delete the temporary SPN …

Continue reading “targetedKerberoast : Kerberoast With ACL Abuse Capabilities”