Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Related tags

Security related resourcesaeskerberos
Overview

aesKrbKeyGen

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password. Either of the resulting keys can be utilized with Impacket's getTGT.py to obtain a TGT for the account, provided it is configured to support AES encryption.

This is a Python port of Kevin Robertson's Get-KerberosAESKey.ps1

Examples

Keep in mind AD user account names are case sensitive when supplying the -user flag

Calculate AES keys for a AD user account:

python3 aesKrbKeyGen.py -domain domain.local -user matt -pass Password1

Calculate AES keys for an AD computer account:

python3 aesKrbKeyGen.py -domain domain.local -user laptop123 -pass Password1 -host

Use Impacket's getTGT.py with a resulting AES key to obtain a TGT:

python3 getTGT.py domain.local/matt -aesKey
Owner
Matt Creel
Matt Creel
GitHub Repository
Attack SQL Server through gopher protocol

Attack SQL Server through gopher protocol

hack2fun 17 Nov 30, 2022
A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne

60 Dec 10, 2022
Fuzzercorn - Bring libfuzzer to Unicorn

Fuzzercorn libfuzzer bindings for Unicorn. API // The main entry point of the fu

lazymio 23 Nov 17, 2022
PoC for CVE-2021-26855 -Just a checker-

CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C

Abdullah AlZahrani 17 Dec 22, 2022
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams

Mitiga 13 Jan 04, 2022
This tool allows to automatically test for Content Security Policy bypass payloads.

CSPass This tool allows to automatically test for Content Security Policy bypass payloads. Usage [cspass]$ ./cspass.py -h usage: cspass.py [-h] [--no-

Ruulian 30 Nov 22, 2022
A simple linux keylogger project.

The project This project is a simple linux keylogger. When activated, it registers all the actions made with the keyboard. The log files are registere

1 Oct 24, 2021
A Python wrapper around the OpenSSL library

pyOpenSSL -- A Python wrapper around the OpenSSL library Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where

Python Cryptographic Authority 795 Dec 29, 2022
Fast python tool to test apache path traversal CVE-2021-41773 in a List of url

CVE-2021-41773 Fast python tool to test apache path traversal CVE-2021-41773 in a List of url Usage :- create a live urls file and use the flag "-l" p

Zahir Tariq 12 Nov 09, 2022
SSRF search vulnerabilities exploitation extended.

This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).

Andri Wahyudi 13 Jul 04, 2021
The First Python Compatible Camera Hacking Tool

ZCam Hack webcam using python by sending malicious link. FEATURES : [+] Real-time Camera hacking [+] Python compatible [+] URL Shortener using bitly [

Sanketh J 109 Dec 28, 2022
Auerswald COMpact 8.0B Backdoors exploit

CVE-2021-40859 Auerswald COMpact 8.0B Backdoors exploit About Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow a

Ashish Kunwar 1 Nov 24, 2022
Grafana-0Day-Vuln-POC

Grafana V8.0+版本存在未授权任意文件读取 0Day漏洞 - POC 1 漏洞信息 1.1 基本信息 漏洞厂商:Grafana 厂商官网:https://grafana.com/ 1.2 漏洞描述 Grafana是一个跨平台、开源的数据可视化网络应用程序平台。用户配置连接的数据源之后,Gr

mik1th0n 3 Dec 13, 2021
OpenSource Poc && Vulnerable-Target Storage Box.

reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re

cckuailong 560 Dec 23, 2022
Genpyteal - Experiment to rewrite Python into PyTeal using RedBaron

genpyteal Converts Python to PyTeal. Your mileage will vary depending on how muc

Jason Livesay 9 Oct 19, 2022
VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

Vortex VPN Overall Reconnaissance, Testing, Enumeration and Exploitation Toolkit Overview A very simple Python framework, inspired by SprayingToolkit,

315 Dec 28, 2022
Repository for a project of the course EP2520 Building Networked Systems Security

EP2520_ACME_Project Repository for a project of the course EP2520 Building Networked Systems Security in Royal Institute of Technology (KTH), Stockhol

1 Dec 11, 2021
A tool that detects the expensive Carbon Black watchlists.

A tool that detects the "expensive" Carbon Black watchlists.

Oğuzcan Pamuk 8 Aug 04, 2022
Create a secure tunnel from a custom domain to localhost using Fly and WireGuard.

Fly Dev Tunnel Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This i

170 Dec 11, 2022
Simples brute forcer de diretorios para web pentest.

🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã

Dio brando 6 Jan 22, 2022