kerberoast: Kerberos attack toolkit in Python

Kerberoasting is one method ς που επιτρέπει σε έναν εισβολέα να σπάσει τους κωδικούς πρόσβασης των λογαριασμών υπηρεσίας στο Active Directory σύνδεσης και χωρίς τον φόβο s.

How it works kerberoast

  1. An attacker scans the Active Directory directory service for user accounts with specified SPN values, using any methods, including PowerShell and LDAP queries, scripts provided by the Kerberoast toolbox, or tools such as PowerSploit
  2. Once a list of target accounts is received, the attacker requests AD access to the service using SPN values
  3. Using Mimikatz, the attacker extracts the of the service in memory and stores the information in a file
  4. Once the credentials are stored on disk, the attacker passes them to a password cracking which will run a password dictionary as NTLM hashes with the service requests they have extracted until the request can be successfully opened. When the request is finally opened, it will be presented to the attacker in clear text.

Installation

pip3 install kerberoast

Application snapshots

Video guide

You can download the application from here.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.087 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).