Open StathisKap opened 2 years ago
Just go build?
go install github.com/ropnop/kerbrute@latest
❯ kerbrute
__ __ __
/ /_____ _____/ /_ _______ __/ /____
/ //_/ _ \/ ___/ __ \/ ___/ / / / __/ _ \
/ ,< / __/ / / /_/ / / / /_/ / /_/ __/
/_/|_|\___/_/ /_.___/_/ \__,_/\__/\___/
Version: dev (n/a) - 06/12/22 - Ronnie Flathers @ropnop
This tool is designed to assist in quickly bruteforcing valid Active Directory accounts through Kerberos Pre-Authentication.
It is designed to be used on an internal Windows domain with access to one of the Domain Controllers.
Warning: failed Kerberos Pre-Auth counts as a failed login and WILL lock out accounts
Usage:
kerbrute [command]
Available Commands:
bruteforce Bruteforce username:password combos, from a file or stdin
bruteuser Bruteforce a single user's password from a wordlist
help Help about any command
passwordspray Test a single password against a list of users
userenum Enumerate valid domain usernames via Kerberos
version Display version info and quit
Flags:
--dc string The location of the Domain Controller (KDC) to target. If blank, will lookup via DNS
--delay int Delay in millisecond between each attempt. Will always use single thread if set
-d, --domain string The full domain to use (e.g. contoso.com)
-h, --help help for kerbrute
-o, --output string File to write logs to. Optional.
--safe Safe mode. Will abort if any user comes back as locked out. Default: FALSE
-t, --threads int Threads to use (default 10)
-v, --verbose Log failures and errors
Use "kerbrute [command] --help" for more information about a command.
I followed same steps but still kerbrute not working for me
Tested on Apple Macbook Pro M1 Max with Kali Linux (arm64) running in virtual machine.
Clone the repository and edit Makefile
git clone #https://github.com/ropnop/kerbrute.git
cd kerbrute
gedit Makefile
Modify and add arm64 in the ARCHS
variable in end of the line:
ARCHS=amd64 386 arm64
Compile the code for Kali Linux (arm64)
make linux
Output:
┌──(root💀kali)-[~/scripts/arm64-scripts/kerbrute]
└─# make linux
Building for linux amd64...
Building for linux 386...
Building for linux arm64...
Done.
Check dist
directory for compiled binary:
┌──(root💀kali)-[~/scripts/arm64-scripts/kerbrute/dist]
└─# ls -la
total 20976
drwxr-xr-x 2 root root 4096 Sep 7 01:23 .
drwxr-xr-x 8 root root 4096 Sep 7 01:23 ..
-rwxr-xr-x 1 root root 6907538 Sep 7 01:23 kerbrute_linux_386
-rwxr-xr-x 1 root root 7351088 Sep 7 01:23 kerbrute_linux_amd64
-rwxr-xr-x 1 root root 7204048 Sep 7 01:23 kerbrute_linux_arm64
run the code
┌──(root💀kali)-[~/scripts/arm64-scripts/kerbrute/dist]
└─# ./kerbrute_linux_arm64
__ __ __
/ /_____ _____/ /_ _______ __/ /____
/ //_/ _ \/ ___/ __ \/ ___/ / / / __/ _ \
/ ,< / __/ / / /_/ / / / /_/ / /_/ __/
/_/|_|\___/_/ /_.___/_/ \__,_/\__/\___/
Version: dev (9cfb81e) - 09/07/22 - Ronnie Flathers @ropnop
This tool is designed to assist in quickly bruteforcing valid Active Directory accounts through Kerberos Pre-Authentication.
It is designed to be used on an internal Windows domain with access to one of the Domain Controllers.
Warning: failed Kerberos Pre-Auth counts as a failed login and WILL lock out accounts
Usage:
kerbrute [command]
Available Commands:
bruteforce Bruteforce username:password combos, from a file or stdin
bruteuser Bruteforce a single user's password from a wordlist
help Help about any command
passwordspray Test a single password against a list of users
userenum Enumerate valid domain usernames via Kerberos
version Display version info and quit
Flags:
--dc string The location of the Domain Controller (KDC) to target. If blank, will lookup via DNS
--delay int Delay in millisecond between each attempt. Will always use single thread if set
-d, --domain string The full domain to use (e.g. contoso.com)
--downgrade Force downgraded encryption type (arcfour-hmac-md5)
--hash-file string File to save AS-REP hashes to (if any captured), otherwise just logged
-h, --help help for kerbrute
-o, --output string File to write logs to. Optional.
--safe Safe mode. Will abort if any user comes back as locked out. Default: FALSE
-t, --threads int Threads to use (default 10)
-v, --verbose Log failures and errors
Use "kerbrute [command] --help" for more information about a command.
Building for linux amd64... /bin/sh: 1: go: not found /bin/sh: 3: go: not found make: *** [Makefile:35: linux] Error 1
If you get this error after you modify the Makefile, ensure you have golang-go installed.
After installing: apt install gccgo-go apt install golang-go
Everything went perfectly on Kali arm64
make linux Building for linux amd64... Building for linux 386... Building for linux arm64... Done.
./kerbrute_linux_arm64
__ __ __
/ / / /_ ___ / /___ / /// \/ / \/ / / / / / \ / ,< / / / / // / / / // / /_/ / //||_// /.// _,/_/\/
Version: dev (9cfb81e) - 04/01/23 - Ronnie Flathers @ropnop
This tool is designed to assist in quickly bruteforcing valid Active Directory accounts through Kerberos Pre-Authentication. It is designed to be used on an internal Windows domain with access to one of the Domain Controllers. Warning: failed Kerberos Pre-Auth counts as a failed login and WILL lock out accounts
Usage: kerbrute [command]
Available Commands: bruteforce Bruteforce username:password combos, from a file or stdin bruteuser Bruteforce a single user's password from a wordlist help Help about any command passwordspray Test a single password against a list of users userenum Enumerate valid domain usernames via Kerberos version Display version info and quit
Flags: --dc string The location of the Domain Controller (KDC) to target. If blank, will lookup via DNS --delay int Delay in millisecond between each attempt. Will always use single thread if set -d, --domain string The full domain to use (e.g. contoso.com) --downgrade Force downgraded encryption type (arcfour-hmac-md5) --hash-file string File to save AS-REP hashes to (if any captured), otherwise just logged -h, --help help for kerbrute -o, --output string File to write logs to. Optional. --safe Safe mode. Will abort if any user comes back as locked out. Default: FALSE -t, --threads int Threads to use (default 10) -v, --verbose Log failures and errors
Use "kerbrute [command] --help" for more information about a command.
go install github.com/ropnop/kerbrute@latest
┌──(root㉿kali-linux-2022-2)-[~/Desktop/kerbrute-master] └─# make linux Building for linux amd64... fatal: not a git repository (or any of the parent directories): .git
I've got a Mac M1 so could we get an ARM version of this?