wh0amitz / S4UTomato

Escalate Service Account To LocalSystem via Kerberos
389 stars 72 forks source link

[X] KRB-ERROR (7) : KDC_ERR_S_PRINCIPAL_UNKNOWN #2

Open protrading104 opened 1 year ago

protrading104 commented 1 year ago

any idea why it didn't work ?

image

wh0amitz commented 1 year ago

Please read my READMD.md carefully, the poc applies to service account promotion to system. Because in a Windows domain environment, SYSTEM, NT AUTHORITY\NETWORK SERVICE, and Microsoft virtual accounts are all used as domain-joined system computer accounts for authentication. Your KDC_ERR_S_PRINCIPAL_UNKNOWN error is obviously because the KDC cannot find the SPN. This is because you are not using a service account but a user account, and the user account does not have an SPN by default.

Scorpiobaobao commented 1 year ago

你这个跟krbrealayup有什么区别