enj5oy
enj5oy
When i need generate certificate from domainA.contoso.local to target victimuser in domainB.contoso.local. For authentication i use NT hash with this command: `python3 pywhisker.py -a add -d domainA.contoso.local -u admin -H...
Busiest path not work. OS:kali 
### Configuration impacket version: v0.12.0.dev1+20230817.32422.a769683f Python version: 3.10 Target OS: Windows Server 2016  After this command user created with hash 31d6cfe0d16ae931b73c59d7e0c089c0 and user is disabled
Smbclient with kerberos work fine dcomexec with kerberos not work ### Configuration impacket version: Python version: 3.11.4 Target OS: Windows 10 22H2  
### Configuration impacket version: v0.12.0.dev1+20231103.113049.2d00fc6a Python version: Python 3.11.6 Target OS: Windows Server 2016 192.168.0.3 is Domain Controller file.txt: ldap://192.168.0.3 When relay Domain Admin contoso\administrator with -t ldap://192.168.0.3 attack works....
How i can configure ntlmrelayx for relay users from specific domain? For specific user it is work: python3 ntlmrelayx.py -t contoso\\[email protected] -smb2support -socks But for domain not: python3 ntlmrelayx.py -t...
In this article https://dirkjanm.io/active-directory-forest-trusts-part-one-how-does-sid-filtering-work/ , when trusts between forests has flag TREAT_AS_EXTERNAL, we can generate ticket with extrasids >1000 . Author generate this ticket with mimikatz: kerberos::golden /domain:forest-a.local /sid:S-1-5-21-3286968501-24975625-1618430583 /rc4:b8e9b4b3feb56c7ba1575bf7fa3dc76f...
Hi! I have foresta.contoso.local and forestb.contoso.local. I need login with [email protected] to dc1.forestb.contoso.local msldap ldap+kerberos-ccache://foresta\\admin:[email protected]/?dc=192.168.2.1 I got error KDC_ERR_WRONG_REALM
minikerberos-getTGT can request tgt  msldap can't auth to dc with ldap+kerberos auth 
### Configuration impacket version: Python version: Python 3.11.6 Target OS: Windows 11 knowsmore --bloodhound --sync-to 127.0.0.1:7687 -p  