0xma Cyber Security Articles




May 31, 2022

AS-REP Roast Attach (Kerberoasting)

In this tutorial, we will see how to perform AS-REP Roasting attack. AS-REP Roasting is an attack against Kerberos for user accounts that do not require any kind of pre-authentication. Pre-authentication is required by default in Active Directory but it can be modified by a user account control setting on user accounts.

This page contains more information about this type of attack.

Let's run GetNPUsers.py to retrieve the TGT for the user called "Kaorz".

Running GetNPUsers.py to retrieve TGT for a user.

Save the TGT in a text file.

Saving the TGT in a text file.

It shows how to crack the TGT using hashcat.

Cracking the TGT using hashcat. Cracking the TGT using hashcat.

And it shows how to crack the TGT using john.

Cracking the TGT using john.

If you liked reading this article, you can follow me on Twitter: 0xmaCyberSec.