
Write msds-keycredentiallink with cross-forest ticket

Open • enj5oy opened this issue 1 year ago • 1 comment

I need to generate a certificate from domainA.contoso.local to target victimuser in domainB.contoso.local. For authentication I use the NT hash with this command:

    python3 pywhisker.py -a add -d domainA.contoso.local -u admin -H :<nthash> -t victimuser -td domainB.contoso.local

All fine. But in my case, LDAP signing + channel binding is enabled on domainB, and I can't authenticate with NTLM because I get the error strongerAuthRequired. And when I ask for a ticket for [email protected] and then use the command:

    python3 pywhisker.py -a add -d domainA.contoso.local -u admin -k --dc-ip <dc ip domainB.contoso.local> -t victimuser -td domainB.contoso.local

I get the error KDC_ERR_WRONG_REALM. I know that this version of ldap3 can solve this problem: https://github.com/ThePirateWhoSmellsOfSunflowers/ldap3/tree/tls_cb_and_seal_for_ntlm

I tried to do it myself, but I couldn't succeed.

enj5oy • Nov 22 '23 14:11

I won't be able to add this for the time being (not enough time), but it would be really great if someone would implement the change. I would gladly review & merge, it would be an awesome addition in my opinion (if it doesn't break how the tool currently works of course).

ShutdownRepo • Nov 26 '23 13:11