dirkjanm / krbrelayx

Kerberos unconstrained delegation abuse toolkit
MIT License

Unsupported MechType 'NTLMSSP - Microsoft NTLM Security Support Provider #34

Closed Cyb3rGh0st786 closed 1 year ago

Cyb3rGh0st786 commented 1 year ago

Hello Dirk,

I get the "Unsupported MechType 'NTLMSSP - Microsoft NTLM Security Support Provider'" error in the last step when I try to authenticate with printer-bug and DFSCoerce. I could not find what the issue was. I followed the steps below.

  1. DC - 2016
  2. Attacker- Kali
  3. Unconstrained delegation machine- Windows 10

Step - 1 I got the AES-256 and 128 as well as NTHash of the machine account by running secretsdump.py

Step - 2 Queried for the SPN

Step - 3 Added SPN record

Step - 4 Added DNS record

Step - 5 A record

Step - 6 nslookup verification

Step - 7 Printer Bug

DFSCoerce

Step - 8 Krbrelayx setup

Ultimately, I got the 'NTLMSSP - Microsoft NTLM Security Support Provider' error.

I could not figure out what the issue is.

Cyb3rGh0st786 commented 1 year ago

@dirkjanm, I have also set up the SPN and both HOST and CIFS records. I could not figure out what the issue is.

dirkjanm commented 1 year ago

You appear to be coercing the connection based on an IP address instead of a hostname. If you use an IP address, the server will not initiate Kerberos but only use NTLM authentication as Kerberos requires a hostname.

Cyb3rGh0st786 commented 1 year ago

Hello @dirkjanm, thank you for the reply. When I use the hostname, I don't get any callback on the krbrelayx.py script. I only get it when I use the IP address. Also, I set up the DNS entry and here is the screenshot.

Please help with what the issue could be.

dirkjanm commented 1 year ago

I don't know if this is a local lab, but this issue indicates that the server you are talking to might not be using the DNS server you added the record on, or you did not add the DNS record correctly. Note that in step 4 you appear to be using an SPN format and not an FQDN format for the DNS record. Also in step 5 you seem to remove the same record again?
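The two maintainer replies above describe two distinct setup mistakes: coercing the victim to an IP literal (the victim cannot build an SPN from an IP, so it falls back to NTLM and the relay sees the NTLMSSP MechType), and adding the attacker's DNS record under an SPN-style name instead of a plain FQDN. The following pre-flight check encodes both rules so they can be caught before running the coercion. It is an added example, not code from the krbrelayx project or from either participant; the hostnames, IP addresses and the sample zone in it are constructed for illustration.

```python
"""Pre-flight checks for a krbrelayx-style coercion setup (added example).

Constructed sample data only; nothing here is taken from the original issue.
"""
import ipaddress
import re
import socket
from typing import Callable, Dict, Optional

# Plain DNS name: labels separated by dots, optional trailing dot, no scheme or
# service prefix. (Constructed for this check; not a full RFC 1035 validator.)
FQDN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9-]{1,63}\.)+[a-z0-9-]{1,63}\.?$", re.I)

# Constructed sample zone standing in for the lab DNS server.
SAMPLE_ZONE = {"attacker.lab.local": "10.0.0.50"}


def sample_resolver(name: str) -> Optional[str]:
    """Offline resolver over the constructed sample zone."""
    return SAMPLE_ZONE.get(name.lower().rstrip("."))


def system_resolver(name: str) -> Optional[str]:
    """Resolve through the host's configured DNS; use this when checking a real lab."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def is_ip_literal(target: str) -> bool:
    """True if the coercion target is an IPv4/IPv6 literal rather than a hostname."""
    try:
        ipaddress.ip_address(target.strip("[]"))
        return True
    except ValueError:
        return False


def expected_spn(target: str, service: str = "cifs") -> Optional[str]:
    """SPN the coerced victim will request a ticket for, or None if Kerberos is impossible.

    Printer bug / DFSCoerce make the victim connect back over SMB, so the client
    asks for cifs/<fqdn>; Windows maps cifs/ onto the HOST/ service class.
    """
    if is_ip_literal(target):
        return None
    return f"{service}/{target.lower().rstrip('.')}"


def check_dns_record_name(name: str) -> str:
    """Return 'ok', or why the DNS record name is wrong ('spn-format' or 'not-fqdn')."""
    if "/" in name:
        # e.g. HOST/attacker.lab.local: that is an SPN, not a DNS record name
        return "spn-format"
    if not FQDN_RE.match(name):
        return "not-fqdn"
    return "ok"


def preflight(target: str, dns_record: str, attacker_ip: str,
              resolve: Callable[[str], Optional[str]] = sample_resolver) -> Dict[str, str]:
    """Check a planned coercion: which auth the victim will use, the SPN it will
    request, whether the DNS record name is well-formed, and whether the target
    name resolves to the listener IP."""
    findings: Dict[str, str] = {}
    if is_ip_literal(target):
        findings["auth"] = "ntlm-fallback"   # relay will see the NTLMSSP MechType
        findings["spn"] = ""
        findings["resolution"] = "skipped"
    else:
        findings["auth"] = "kerberos"
        findings["spn"] = expected_spn(target) or ""
        resolved = resolve(target)
        if resolved is None:
            findings["resolution"] = "unresolved"  # victim will never reach the listener
        elif resolved != attacker_ip:
            findings["resolution"] = "mismatch"    # record points somewhere else
        else:
            findings["resolution"] = "ok"
    findings["dns_record"] = check_dns_record_name(dns_record)
    return findings


if __name__ == "__main__":
    # Constructed scenarios mirroring the thread: IP target, SPN-style record, correct setup.
    for tgt, rec in [("10.0.0.50", "attacker.lab.local"),
                     ("attacker.lab.local", "HOST/attacker.lab.local"),
                     ("attacker.lab.local", "attacker.lab.local")]:
        print(tgt, rec, preflight(tgt, rec, "10.0.0.50"))
```

Pass `resolve=system_resolver` to run the resolution check against the DNS server the victim actually uses; the resolution check is the one that would have flagged the "no callback with hostname" symptom, since a correctly added record must resolve to the krbrelayx listener from the victim's point of view, not just from the attacker's box.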

Cyb3rGh0st786 commented 1 year ago

Thank you so much and I will verify the same.