Closed snovvcrash closed 1 year ago
That's a good point!
I've fixed that the following way: in the beginning of the spray we create a single certificate with a randomly chosen target from the list to be the owner of the certificate (its samname
and dn
are populated within the subject
and owner
properties of the certificate respectively).
Regarding the changes for line 417 - I still think we should keep pywhisker printing successful attempts line by line 'cause it's more like the spraying style I guess (like we're used to see it with kerbrute, for example). Moreover, in large environments it may take time for the spray to complete and we shall not see the results until it finishes. Here's how it looks like line by line ⏬
But it's up to you to decide!
Agreed 100%, merging, thank you @snovvcrash !
Hey @ShutdownRepo, @p0dalirius!
I was already going to sleep when decided to scroll Twitter a bit and... I couldn't deny myself this PR after reading about ShadowSpray.
It's very quick and dirty and all it implements is a
for
loop and lack of info messages but I guess it could be helpful anyways c:P. S. Credits to @Dec0ne for the idea of Shadow Credentials spraying!