You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since it's totally all default situation, I have no idea what's wrong with it to reproduce.
More information might be useful for debugging:
Certificate can be requested via any other machine in the domain. DC itself also has a certificate. Any other machine also can request machine account certificate in GUI.
Web Endpoint /certsrv will ask for human user credential, then it works as intended. But in this situation, machine account NTLM authentication seems not to work.
If I replace ntlmrelayx with responder, I could successfully get a response and hash capture notice from responder, which means, at least, NTLM Relay part, works fine.
Thanks for your help in advance.
The text was updated successfully, but these errors were encountered:
First of all, thanks for your excellent research work.
I'm trying to reproduce it using a Windows Server 2012 R2 with no patches installed either automatically or manually.
I installed AD CS using all default options offered by the setup wizard.
When I invoke the Python script from your repo and cooperate it with ntlmrelayx from https://github.com/ExAndroidDev/impacket/tree/ntlmrelayx-adcs-attack , it just kept telling me HTTP 401 Unauthorized.
Since it's totally all default situation, I have no idea what's wrong with it to reproduce.
More information might be useful for debugging:
Thanks for your help in advance.
The text was updated successfully, but these errors were encountered: