Project (in Python) that retrieves hashes from KRB5 AS-REP responses for users without Kerberos preauthentication enabled.
Latest commit 5e632cd Mar 15, 2019
kek
pyasn1
README.md
as-rep-roast.py

README.md

as-rep-roast

Author

Jason Martinsen

Python code to execute an AS-REP Roasting attack.

USE ONLY AGAINST AUTHORIZED TARGETS

Usage:

USAGE:
as-rep-roast.py -u <userName>@<domainName> -d <domainControlerAddr>

Hashcat-compatible output is printed to the screen and written to the hashcat.out file.
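On the domain controller, a ticket issued to an account that does not require preauthentication is logged as Security event 4768 with PreAuthType 0. The following is an added detection example, not part of this project's code: the sample records, the helper names and the `min_accounts` threshold are assumptions, and the field names follow the event 4768 EventData schema.

```python
from collections import defaultdict

# Constructed sample records shaped like exported event 4768 EventData
# (Kerberos TGT requested); one unrelated 4624 record is mixed in.
SAMPLE_EVENTS = [
    {"EventID": 4768, "TargetUserName": "alice", "IpAddress": "::ffff:10.0.0.21",
     "PreAuthType": "2", "TicketEncryptionType": "0x12", "Status": "0x0"},
    {"EventID": 4768, "TargetUserName": "svc_backup", "IpAddress": "::ffff:10.0.0.99",
     "PreAuthType": "0", "TicketEncryptionType": "0x17", "Status": "0x0"},
    {"EventID": 4768, "TargetUserName": "legacy_app", "IpAddress": "::ffff:10.0.0.99",
     "PreAuthType": "0", "TicketEncryptionType": "0x17", "Status": "0x0"},
    {"EventID": 4768, "TargetUserName": "ghost", "IpAddress": "::ffff:10.0.0.99",
     "PreAuthType": "-", "TicketEncryptionType": "0xffffffff", "Status": "0x6"},
    {"EventID": 4624, "TargetUserName": "alice", "IpAddress": "10.0.0.21"},
]

def normalize_ip(addr):
    """Strip the IPv4-mapped IPv6 prefix that DCs log for IPv4 clients."""
    return addr[7:] if addr.lower().startswith("::ffff:") else addr

def find_no_preauth_tgts(events):
    """Return successful TGT issuances made without preauthentication."""
    hits = []
    for ev in events:
        if ev.get("EventID") != 4768 or ev.get("Status") != "0x0":
            continue  # not a successful AS exchange
        if ev.get("PreAuthType") != "0":
            continue  # preauthentication was performed
        etype = int(ev.get("TicketEncryptionType", "0x0"), 16)
        hits.append({"user": ev["TargetUserName"],
                     "source": normalize_ip(ev.get("IpAddress", "")),
                     "rc4": etype == 0x17})  # 0x17 = RC4-HMAC
    return hits

def sources_over_threshold(hits, min_accounts=2):
    """Group hits by source; one host asking for many such accounts is
    unusual, while a single hit may be that account's normal logon."""
    by_source = defaultdict(set)
    for h in hits:
        by_source[h["source"]].add(h["user"])
    return {s: sorted(u) for s, u in by_source.items() if len(u) >= min_accounts}

if __name__ == "__main__":
    found = find_no_preauth_tgts(SAMPLE_EVENTS)
    for h in found:
        print(h)
    print(sources_over_threshold(found))
```

Every account that appears in the first list is also a remediation candidate: requiring preauthentication for it removes the exposure.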

This code is based on the code from the project below:

Python Kerberos Exploitation Kit

PyKEK (Python Kerberos Exploitation Kit), a python library to manipulate KRB5-related data. (Still in development)

For now, only a few functionalities have been implemented (in a quite Quick'n'Dirty way) to exploit MS14-068 (CVE-2014-6324).

More is coming...

Author

Sylvain Monné

Contact : sylvain dot monne at solucom dot fr

http://twitter.com/bidord

Special thanks to: Benjamin DELPY gentilkiwi

Library content

  • kek.krb5: Kerberos V5 (RFC 4120) ASN.1 structures and basic protocol functions
  • kek.ccache: Credential Cache Binary Format (ccache)
  • kek.pac: Microsoft Privilege Attribute Certificate Data Structure (MS-PAC)
  • kek.crypto: Kerberos and MS specific cryptographic functions