dirkjanm
commented
2 years ago could you double check the domain names (FQDN instead of NETBIOS) and the names of the computer/certificate (and whether they are escaped properly)
Closed ivanov21 closed 2 years ago
dirkjanm
commented
2 years ago could you double check the domain names (FQDN instead of NETBIOS) and the names of the computer/certificate (and whether they are escaped properly)
ivanov21
commented
2 years ago Hello, tried all possible domain/computer name combinations, either i get the same error or this other one :
python ../PKINITtools-master/gettgtpkinit.py EVIL/DC1-WS2019.evil.corp -cert-pfx crt.pfx -dc-ip 192.168.114.2 DC1-WS2019.ccache
2021-12-04 03:35:37,043 minikerberos INFO Loading certificate and key from file
2021-12-04 03:35:37,123 minikerberos INFO Requesting TGT
Traceback (most recent call last):
File "/home/kali/Take and learn/MSEFSR ADCS/../PKINITtools-master/gettgtpkinit.py", line 349, in
ivanov21
commented
2 years ago Fixed, It was a date/time problem between my 2 DCs.
Hello, get this error when trying to get tgt with gettgtpkinit.py (it's ok with rubeus):
python3 gettgtpkinit.py EVIL/DC1-WS2019$ -pfx-base64 @base64Value -dc-ip 192.168.114.2 DC-WS2019.ccache
2021-11-28 04:54:42,236 minikerberos INFO Loading certificate and key from file 2021-11-28 04:54:42,314 minikerberos INFO Requesting TGT Traceback (most recent call last): File "/home/kali/Take and learn/PKINITtools-master/gettgtpkinit.py", line 349, in
main()
File "/home/kali/Take and learn/PKINITtools-master/gettgtpkinit.py", line 345, in main
amain(args)
File "/home/kali/Take and learn/PKINITtools-master/gettgtpkinit.py", line 315, in amain
res = sock.sendrecv(req)
File "/home/kali/Take and learn/MSEFSR ADCS/impacket/impacket/lib/python3.9/site-packages/minikerberos/network/clientsocket.py", line 87, in sendrecv
raise KerberosError(krb_message)
minikerberos.protocol.errors.KerberosError: Error Code: 62 Reason: The client trust failed or is not implemented