
This project has now been deprecated. Its functionality has been incorporated into Rubeus via the "asreproast" action, which utilizes a more minimal ASN.1 parsing library.

ASREPRoast

Project that retrieves crackable hashes from KRB5 AS-REP responses for users without Kerberos preauthentication enabled.

More information is available here and in ExumbraOps' post.

ASREPRoast.ps1

Get-ASREPHash

Returns a crackable hash for users without Kerberos preauthentication enabled.

Invoke-ASREPRoast

Enumerates any users in the current (or specified) domain without Kerberos preauthentication enabled and requests crackable AS-REP responses.
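On the defender's side, a TGT issued without preauthentication is recorded on the domain controller as Security event 4768 with PreAuthType 0. The following Python is an added example, not part of this project: it flags such events and groups them by source address. The event records are constructed samples, and the function names and the sweep threshold are assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def _event(user, ip, preauth, etype, status="0x0"):
    """Build one constructed 4768 record (sample data, not a real log)."""
    data = {"TargetUserName": user, "IpAddress": ip, "Status": status,
            "TicketEncryptionType": etype, "PreAuthType": preauth}
    body = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>4768</EventID></System>'
            f'<EventData>{body}</EventData></Event>')

SAMPLE_EVENTS = [  # constructed sample input
    _event("alice", "::ffff:10.0.0.21", "2", "0x12"),        # pre-authenticated logon
    _event("svc_backup", "::ffff:10.0.0.99", "0", "0x17"),   # no pre-auth, RC4 reply
    _event("svc_legacy", "::ffff:10.0.0.99", "0", "0x17"),   # same source, second account
    _event("kiosk1", "::ffff:10.0.0.40", "0", "0x12"),       # no pre-auth, AES reply
    _event("nosuchuser", "::ffff:10.0.0.99", "-", "0xFFFFFFFF", status="0x6"),  # failure
]

def parse_4768(xml_text):
    """Return the EventData fields of a 4768 event as a dict, or None for other events."""
    root = ET.fromstring(xml_text)
    if root.findtext("e:System/e:EventID", namespaces=NS) != "4768":
        return None
    return {d.get("Name"): (d.text or "") for d in root.iterfind("e:EventData/e:Data", NS)}

def find_no_preauth_tgts(events, sweep_threshold=2):
    """Flag TGTs issued without pre-authentication, plus sources hitting several accounts."""
    hits, by_source = [], defaultdict(set)
    for xml_text in events:
        f = parse_4768(xml_text)
        # Status is checked first: failed requests carry "-" as PreAuthType.
        if not f or int(f["Status"], 16) != 0 or int(f["PreAuthType"]) != 0:
            continue
        # 0x17 is RC4-HMAC, the weakest reply to expose to offline guessing.
        rc4 = int(f["TicketEncryptionType"], 16) == 0x17
        hits.append((f["TargetUserName"], f["IpAddress"], "high" if rc4 else "medium"))
        by_source[f["IpAddress"]].add(f["TargetUserName"])
    sweeps = {ip: sorted(u) for ip, u in by_source.items() if len(u) >= sweep_threshold}
    return hits, sweeps

if __name__ == "__main__":
    for row in find_no_preauth_tgts(SAMPLE_EVENTS):
        print(row)
```

Every account this reports has preauthentication disabled; re-enabling it on accounts that do not need the exception removes the exposure.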

krb5_asrep_fmt_plug.c

A customized version of the krb5_tgs_fmt_plug.c plugin from the magnumripper version of John the Ripper. Drop it into ./src/ and compile as normal. The new hash tag is krb5asrep.

tgscrack.go

A customized version of @tifkin_'s tgscrack project. The hash format needed is salt:hash:description.