There's a new kerberos password brute-forcing module ("brute") from @Zer1t0, the triage/klist/dump actions now have standardized "/user","/LUID","/service", and "/server" targeting, and @exploitph implemented something I've wanted for a while: cross-domain S4U functionality (2/4)
-
-
Prikaži ovu nit
-
"kerberoast" has also had some love- disabled accounts now excluded by default, new "/pwdsetafter", "/pwdsetbefore", and "/resultlimit" arguments for better targeting (from
@pkb1s), "/simple" flag for easy hash output, and "/stats" to list roastable user stats (3/4)Prikaži ovu nit -
Lots of other changes, fixes, and additions as well. Thank you to everyone who contributed, and I hope everyone else finds the new changes useful! Again, a full changelog is available at https://github.com/GhostPack/Rubeus/blob/master/CHANGELOG.md#150---2020-01-31 … (4/4)
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
-
-
Thanks for this great tool. Would be great to have an argument to export a ticket to a file instead of having to copy, paste to a file, delete the newline chars and then base64 decode using Linux command / powershell and then write to file. Work that can be automated
-
The first feature above is "/nowrap", so no newline replacement anymore at least :) The asktgt/asktgs/renew/s4u/kerberoast commands all have an /outfile argument. The "dump" command doesn't, but I can probably work that in
- Još 2 druga odgovora
Novi razgovor -
-
-
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.