go-windapsearch icon indicating copy to clipboard operation
go-windapsearch copied to clipboard

Published 20 hours ago verified publisher icon ropnop

Feature request: Kerberos authentication

Open tuv7041 opened this issue 4 years ago • 1 comments

Hi! First of all, thank you for an awesome tool. Windapsearch and Impacket are by far the most useful tools for pentesting Windows from Linux machines. One thing it would be great to have is the option of using kerberos authentication instead of pass-the-hash. Pass the hash has been great, but most of the SOCs now detect legacy ntlm authentication as an IOC, and over pass the hash fixes this issue. I can get the tickets through Impacket, but it would be great being able to use them with windapsearch.

Thanks!

tuv7041 avatar Oct 11 '20 21:10 tuv7041

This is definitely something I’d love as well. It would require implementing Kerberos in the underlying go-ldap package I use. Not impossible (I got a PR merged in there to support NTLM), but it’s quite a bit more work. But I will add it to the backlog!

ropnop avatar Dec 12 '20 15:12 ropnop