/ASREPRoast

Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.

Primary LanguagePowerShellBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

ASREPRoast

Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.

More information is available here and in ExumbraOps' post.

ASREPRoast.ps1

Get-ASREPHash

Returns a crackable hash for users withouth kerberos preauthentication enabled.

Invoke-ASREPRoast

Enumerates any users in the current (or specified) domain without kerberos preauthentication enabled and requests crackable AS-REP responses.

krb5_asrep_fmt_plug.c

A customized version of the krb5_tgs_fmt_plug.c plugin from magnumripper version of John The Ripper. Drop into ./src/ and compile as normal. The new hash tag is krb5asrep.

tgscrack.go

A customized version of @tifkin_'s tgscrack project. The hash format needed is salt:hash:description.