Monteverde

Type your comment> @D8ll0 said:

Type your comment> @madhack said:

yes it is working
but ERROR:root:Kerberos SessionError: KDC_ERR_WRONG_REALMā€¦
hmm letā€™s try something else

You are using wrong domain name, try different one.

thx got it!

Edit : nvm I found out

@brueh said:
ā€˜Do not require Kerberos preauthenticationā€™ set (UF_DONT_REQUIRE_PREAUTH).

I wonder how you got those hashes because the script you are talking about didnt find anything for meā€¦

Type your comment> @Crafty said:

@brueh said:
ā€˜Do not require Kerberos preauthenticationā€™ set (UF_DONT_REQUIRE_PREAUTH).

I wonder how you got those hashes because the script you are talking about didnt find anything for meā€¦

Think more, no just impacket

Initial foothold is a guessing game. The most simple one.
Have that in mind if your enum is not giving anything.

Type your comment> @joshibeast said:

Initial foothold is a guessing game. The most simple one.
Have that in mind if your enum is not giving anything.

Already tried brute forcing all users with top 100 passwords, no luck.
Impa**** gives nothing
:confused:

Type your comment> @Nt3c said:

Type your comment> @joshibeast said:

Initial foothold is a guessing game. The most simple one.
Have that in mind if your enum is not giving anything.

Already tried brute forcing all users with top 100 passwords, no luck.
Impa**** gives nothing
:confused:

I tried top-1000 passwords against all users, but no luck! :frowning:

tbh if you think about some of those burner accounts that get installed in the process of spinning up a box, people can be pretty lazy about burner passwords.
think laziest.

in retrospect itā€™s absolutely realistic. sadly.

Type your comment> @babywyrm said:

tbh if you think about some of those burner accounts that get installed in the process of spinning up a box, people can be pretty lazy about burner passwords.
think laziest.

in retrospect itā€™s absolutely realistic. sadly.

this is the same for me as try harder.
still thx for the info.

FINALLY found an account i can use ?

EDIT: found another set of creds.
Basically all enumeration till now, nothing fancy.

Any news about root?, Iā€™m focus with A***e but canā€™t find anything.

guys how did you find the password for the user, cause I tried bruteforcing all of them and got nothing

mmm something does not work for me, I am fighting with users and k ******* if someone can issue a hint ā€¦ if the idea is not brute force, then there should be a more creative way to reverse the shell

Type your comment> @OrkaPatorka said:

guys how did you find the password for the user, cause I tried bruteforcing all of them and got nothing

When sysadmins create accounts, sometimes they canā€™t be bothered with thinkingā€¦

Donā€™t be crazy with spraying 100+ passwords, as said previously is honestly something you find in real life

I still have no password.

@Warlord711 said:

I still have no password.

Thereā€™s a enum equivalent for Linux that you can use. Once you have the domain, groups, users, etc. you have everything you need to obtain creds.

I got the users etc. but no valid password found yet.

same thing

I found the domain, groups and users. I have bruteforced for passwords but just nothing!
Anybody who can PM me about the tool I need to use to find a password? I am lost atmā€¦

Try to use other tools if you cant find valid user/pass combo.