Kerberoast attack toolkit -pure python Install pip3 install kerberoast Prerequirements Python 3.6 See requirements.txt For the impatient IMPORTANT: the accepted target url formats for LDAP and Kerberos are the following<ldap_connection_url> : <protocol>+<auth-type>://<domain>\<user>:<password>@<ip_or_hostname>/?<param1>=<value1><kerberos_connection_url>: <protocol>+<auth-type>://<domain>\<user>:<password>@<ip_or_hostname>/?<param1>=<value1> Steps -with SSPI-: kerberoast auto <DC_ip> Steps -SSPI not used-: Look for vulnerable users via LDAPkerberoast ldap all <ldap_connection_url> -o ldapenum Use ASREP roast against users …
Continue reading “Kerberoast : Kerberoast Attack -Pure Python-“