Charlie Bromberg

Results 116 comments of Charlie Bromberg

Worked with @wqreytuk, this feature needs further testing, but it now works on our end. The substitution wasn't complete. The information in the ticket wasn't replaced. Only the information in...

Great PR! For the password generation, imho it would be nice to implement what was done in https://github.com/SecureAuthCorp/impacket/pull/1063 where the password can be defined by the user, or randomly generated...

> Can we check this one before the next release of impacket @0xdeaddood ? this is really really valuable during internal pentest ! :)

Only if the DC has SMB...

The script can now decrypt the encoded ticket in the credential object. This allows detecting any potential discrepancy between the sname/realm in the credential vs. in the ticket.

![image](https://user-images.githubusercontent.com/40902872/154951578-f20023db-2335-4e84-9311-4814338af597.png)

This script needs testing. In my lab, I have an issue when changing the owner of an object from A to B then B to A. A to B works...

> The script works perfectly in my lab, even in the scenario "from A to B then B to A". I haven't seen any issue for the moment: > >...

Great thread here.

In my opinion this repo should be split:

- Impacket: library, no examples
- Impacket-examples: a separate repo, loaded as submodule here in the examples folder

This...

This PR can now be used alongside other tools for [sAMAccountName spoofing](https://www.thehacker.recipes/ad/movement/kerberos/samaccountname-spoofing) attacks :+1:

Inspired by #1260, I included the sname substitution feature from my other PR #1256 here.

![Screenshot from 2022-02-19 13-01-30](https://user-images.githubusercontent.com/40902872/154799973-e72d8b42-3e21-4aaa-87d2-a6c9bdbf14f9.png)

I also simplified my previous changes a bit and fixed an...

Adding #1256's https://github.com/SecureAuthCorp/impacket/pull/1256/commits/d056f09e4f6d8b420751a549753a50d3dc9205c5 commit here. When no `-spn` was supplied, smart substitution requested with `-altservice` failed. Now, service substitution works fine in this edge case.

![Screenshot from 2022-02-19 13-25-25](https://user-images.githubusercontent.com/40902872/154800739-91ae54af-c359-4ad4-93e4-4a1c86397bcf.png)