Kerberoast - 88

Port 88

Using Kerbrute, we can enumerate potential domain account usernames.

On a real assessment, we could search on LinkedIn for employees and try to find the username pattern for domain accounts. 

kerbrute userenum -d EGOTISTICAL-BANK.LOCAL /usr/share/seclists/Usernames/xato-net-10-million-usernames.txt --dc 10.10.10.175 -o valid_ad_users

Resources

m0chan. How To Attack Kerberoast 101. Click here

PreviousDNS recon - ExternalNextLDAP - 389

Last updated