snovvcrash
commented
1 year ago That's a good point!
I've fixed that the following way: in the beginning of the spray we create a single certificate with a randomly chosen target from the list to be the owner of the certificate (its samname and dn are populated within the subject and owner properties of the certificate respectively).
Regarding the changes for line 417 - I still think we should keep pywhisker printing successful attempts line by line 'cause it's more like the spraying style I guess (like we're used to see it with kerbrute, for example). Moreover, in large environments it may take time for the spray to complete and we shall not see the results until it finishes. Here's how it looks like line by line ⏬
But it's up to you to decide!
ShutdownRepo
Hey @ShutdownRepo, @p0dalirius!
I was already going to sleep when decided to scroll Twitter a bit and... I couldn't deny myself this PR after reading about ShadowSpray.
It's very quick and dirty and all it implements is a
forloop and lack of info messages but I guess it could be helpful anyways c:P. S. Credits to @Dec0ne for the idea of Shadow Credentials spraying!