You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When performing a basic NTLM relay attack (with PetitPotam to coerce auth) using the "relay" command, everything goes fine as you see below:
The PFX is saved and no error is thrown. However, when you follow this up with a certipy auth as below, a Kerberos error is thrown upon requesting the TGT:
However, requesting the TGT and NTLM hash with Rubeus works just as expected:
And then I was able to DC Sync with CME using the NTLM hash and/or TGT:
The DC involved is a Windows Server 2022 and the CA, on a separate server specifically to facilitate the NTLM relay simulation, is Windows Server 2019. I suspect this may be an issue related to the super up-to-date version of Windows Server that the DC is running on; perhaps Certipy just hasn't been updated to cope with it yet but Rubeus has (it receives more regular updates). Any idea is appreciated, though!
The text was updated successfully, but these errors were encountered:
When performing a basic NTLM relay attack (with PetitPotam to coerce auth) using the "relay" command, everything goes fine as you see below:
The PFX is saved and no error is thrown. However, when you follow this up with a
certipy auth
as below, a Kerberos error is thrown upon requesting the TGT:However, requesting the TGT and NTLM hash with Rubeus works just as expected:
And then I was able to DC Sync with CME using the NTLM hash and/or TGT:
The DC involved is a Windows Server 2022 and the CA, on a separate server specifically to facilitate the NTLM relay simulation, is Windows Server 2019. I suspect this may be an issue related to the super up-to-date version of Windows Server that the DC is running on; perhaps Certipy just hasn't been updated to cope with it yet but Rubeus has (it receives more regular updates). Any idea is appreciated, though!
The text was updated successfully, but these errors were encountered: