Charlie Bromberg
Charlie Bromberg
My previous PR #1183 allowed getST to accept a custom ticket for S4U2Proxy and basically run S4U2Proxy without S4U2Self.. This edit allows to run S4U2Self only, with the `-self` flag,...
I added a user filter, just like GetADUsers. This allows for lighter results in huge environments. I also changed the "Constrained" strings to "Constrained w/o Protocol Transition" because of the...
I noticed the `(objectCategory=user)` while attempting an ACE abuse of a controlled computer account who had `WriteDacl` permissions against a domain node. During the attack, the `--escalate-user` was set to...
This new example script takes a `.ccache` file as input and parses it. - For each credential found in the file (usually 1), the content of the ticket is parsed...
Example script to allow for [SPN-jacking](https://www.semperis.com/blog/spn-jacking-an-edge-case-in-writespn-abuse/) and manual manipulation of tickets to edit the sname (i.e. SPN) the ticket is issued for. Python equivalent to `Rubeus tgssub` command (https://github.com/GhostPack/Rubeus#tgssub) This...
Existing container can't start because of missing timezone file. ## Environment ``` [*] Exegol is currently in version v4.0.5b1 [D] Pip installation: Off 🪓 [D] Git source installation: On ✔...
When an SID couldn't be found in LDAP, the script was crashing because the `get_sid_info()` function was returning `False` but the returned value was then read like a list, hence...
Added a workflow that makes sure responder requirements install, and responder starts properly for all push and pull request triggers. This is pretty basic right now and adding another workflow...