Enumerate the state of TGT delegation

[jsdhasfedssad]

Hi,

Thank you for this tool!

When performing cross-forest (inter-realm) attacks one method to use is to abuse unconstrained delegation which DCs are configured with by default. However, this attack relies on TGT delegation beeing enabled in the direction of the target forest to the source/owned forest. The command get-netdomaintrust outputs most of the information required but not the state of TGT delegation.

Enumerating this using built-in tools on the primary DC in the target forest outputs the below. Would you be willing to implement support for this in pywerview? Thanks!

[ThePirateWhoSmellsOfSunflowers]

Hello!

I planned to rewrite how trusts are handled and displayed, I'm not satisfied with output of get-netdomaintrust. So thanks for your idea and keep an eye on the develop branch :wink:

:sunflower:

[ThePirateWhoSmellsOfSunflowers]

Hello, I've just pushed a better trust handling on the develop branch. Can you test it ? Thanks for the idea, closing now.

:sunflower:

[jsdhasfedssad]

It works. Very good. Thanks!