CravateRouge / bloodyAD

BloodyAD is an Active Directory Privilege Escalation Framework
MIT License

Unspecified GSS failure. #39

Closed (thelikes closed 9 months ago)

thelikes commented 1 year ago

Hi - awesome tool, can't thank you enough.

I have real trouble getting bloodyAD to work with a ccache file. In many cases now, I have been able to obtain a ccache file and interact with the domain using tools such as impacket and smbclient. However, when I do the same export KRB5CCNAME=... and try to use bloodyAD, I seem to always receive the same error:

gssapi.raw.misc.GSSError: Major (851968): Unspecified GSS failure.  Minor code may provide more information, Minor (2529639066): Cannot find KDC for realm "bla.LOCAL"

I've spent time debugging, configuring krb5.conf, dns, more dns, and even more dns. Typical command I am trying to run:

proxychains4 bloodyAD -d bla.local -u 'user1' -k --host 192.163.240.12 get object sysadm

Am I doing something wrong? Missing some resource? Or is this a bug?

CravateRouge commented 1 year ago

Maybe it's because you put the IP address of the host instead of the hostname. Try to replace that and add an entry in /etc/hosts. If it still doesn't work, check my blog, which has a detailed article on Kerberos with bloodyAD.

thelikes commented 1 year ago

Hey, thanks for the response - I still haven't resolved this. Would you mind sharing the typical krb5.conf you use with bloodyAD? I have performed more troubleshooting and referenced your blog for help, without success. I have tried updating /etc/hosts and tried with an IP or hostname in the command, and I have attempted many configurations for krb5.conf. The one thing that I find very interesting is that the impacket example tools work with the tickets I have, but the ldap3 package + bloodyAD does not. Any idea what this could be, or what else I could look into to debug? Thank you in advance.

CravateRouge commented 1 year ago

@thelikes the krb5 lib on Linux changed and now requires you to add an entry for your domain and KDC in /etc/krb5.conf, as shown here: https://github.com/CravateRouge/bloodyAD/wiki/Authentication-Methods#troubleshooting
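
Added example (not part of the thread and not bloodyAD code): a small checker that reads krb5.conf text and reports whether `[realms]` holds a `kdc` entry for a given realm, which is the entry the last comment says is required. The sample config is constructed; the KDC host name `dc01.bla.local` is a placeholder, and `parse_realms` and `check_realm` are hypothetical helper names.

```python
import re

# Constructed sample; the realm and KDC host name are placeholders.
SAMPLE_KRB5_CONF = """\
[libdefaults]
    default_realm = BLA.LOCAL

[realms]
    BLA.LOCAL = {
        kdc = dc01.bla.local
    }

[domain_realm]
    .bla.local = BLA.LOCAL
"""

def parse_realms(conf_text):
    """Return {realm: [kdc, ...]} from the [realms] section of krb5.conf text."""
    realms, section, current = {}, None, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":   # blank line or comment
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            section, current = header.group(1), None
        elif section == "realms" and line.startswith("}"):
            current = None
        elif section == "realms" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if value.startswith("{"):     # "REALM = {" opens a realm block
                current = key
                realms.setdefault(current, [])
            elif current and key == "kdc":
                realms[current].append(value)
    return realms

def check_realm(conf_text, realm):
    """Say whether a static KDC entry exists for the realm (names are case-sensitive)."""
    realms = parse_realms(conf_text)
    if realms.get(realm):
        return "ok: kdc = " + ", ".join(realms[realm])
    for name in realms:
        if name != realm and name.lower() == realm.lower():
            return f"case mismatch: config has {name!r}, requested {realm!r}"
    return f"missing: no [realms] entry with a kdc for {realm!r}"

if __name__ == "__main__":
    print(check_realm(SAMPLE_KRB5_CONF, "BLA.LOCAL"))
```

To check a real setup, pass the contents of /etc/krb5.conf and the realm named in the GSS error message.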