ropnop / go-windapsearch

Utility to enumerate users, groups and computers from a Windows domain through LDAP queries
BSD 3-Clause "New" or "Revised" License

Feature request: Kerberos authentication #12

Open tuv7041 opened 3 years ago

tuv7041 commented 3 years ago

Hi! First of all, thank you for an awesome tool. Windapsearch and Impacket are by far the most useful tools for pentesting Windows from Linux machines. One thing it would be great to have is the option of using Kerberos authentication instead of pass-the-hash. Pass-the-hash has been great, but most of the SOCs now detect legacy NTLM authentication as an IOC, and overpass-the-hash fixes this issue. I can get the tickets through Impacket, but it would be great to be able to use them with windapsearch.

Thanks!

ropnop commented 3 years ago

This is definitely something I’d love as well. It would require implementing Kerberos in the underlying go-ldap package I use. Not impossible (I got a PR merged in there to support NTLM), but it’s quite a bit more work. But I will add it to the backlog!