Open Utkar5hM opened 1 year ago
This is a great feature, Thank you!
I'll try it.
Working well!
~/kerbrute/kerbrute-arm64 bruteuser -d htb.local --dc apt.htb hash.list henry.vinson --etype rc4-hmac
__ __ __
/ /_____ _____/ /_ _______ __/ /____
/ //_/ _ \/ ___/ __ \/ ___/ / / / __/ _ \
/ ,< / __/ / / /_/ / / / /_/ / /_/ __/
/_/|_|\___/_/ /_.___/_/ \__,_/\__/\___/
Version: dev (n/a) - 10/31/23 - Ronnie Flathers @ropnop
2023/10/31 17:01:27 > Using KDC(s):
2023/10/31 17:01:27 > apt.htb:88
2023/10/31 17:01:33 > [+] VALID LOGIN: henry.vinson@a.x:c
2023/10/31 17:01:38 > Done! Tested 2 logins (1 successes) in 10.929 seconds
session/TestLogin()
function to support taking precomputed hash and creating a client withClient.NewWithKeytab
.etype
that specifies the hashing algorithm that the password or password list should be treated as precomputed.gokrb5
to support adding entries to keytab with precomputed hash.ropnop/gokrb5/PRI'm still going through how things work out so I can polish out code. I don't know a lot about how kerberos works authentication works in detail. Like I've yet to figure out why it expected a KVNO of 2 and why hardcoding it worked.
I'm still looking into if there is any better way to set the options to use etype than to set defaults in
k.Config.LibDefaults.
Tested this against APT machine on hackthebox and it seems to work smoothly for
rc4-hmac
.resolves #38