Documentation
¶
Index ¶
- func AuthenticateUser(ctx context.Context, target *Target, username, password string, timeout int) (bool, string, error)
- func EnumerateUsers(ctx context.Context, target *Target, usernames []string, timeout int) ([]string, []string, error)
- func RequestServiceTicket(ctx context.Context, generalConfig *kerberosfern.PentestKerberosConfig, ...) (*kerberosfern.PentestKerberosServiceTicketResult, error)
- func RunASRepRoast(ctx context.Context, generalConfig *kerberosfern.PentestKerberosConfig, ...) (*kerberosfern.PentestKerberosAsRepRoastResult, error)
- func RunKerberoast(ctx context.Context, generalConfig *kerberosfern.PentestKerberosConfig, ...) (*kerberosfern.PentestKerberosKerberoastResult, error)
- func RunPentest(ctx context.Context, config *kerberosfern.PentestKerberosConfig) (*kerberosfern.PentestKerberosReport, error)
- func RunUserEnum(ctx context.Context, generalConfig *kerberosfern.PentestKerberosConfig, ...) (*kerberosfern.PentestKerberosUserEnumResult, error)
- func SprayPasswords(ctx context.Context, target *Target, usernames []string, password string, ...) (map[string]bool, []string, error)
- func TestConnection(ctx context.Context, target *Target, timeout int) error
- type Target
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthenticateUser ¶
func AuthenticateUser(ctx context.Context, target *Target, username, password string, timeout int) (bool, string, error)
AuthenticateUser attempts to authenticate a single user with a password
func EnumerateUsers ¶
func EnumerateUsers(ctx context.Context, target *Target, usernames []string, timeout int) ([]string, []string, error)
EnumerateUsers performs username enumeration against Kerberos Returns a list of valid usernames
func RequestServiceTicket ¶ added in v0.0.80
func RequestServiceTicket(ctx context.Context, generalConfig *kerberosfern.PentestKerberosConfig, serviceTicketConfig *kerberosfern.PentestKerberosServiceTicketConfig) (*kerberosfern.PentestKerberosServiceTicketResult, error)
RequestServiceTicket requests a Kerberos service ticket (supports regular requests, traditional CD, and RBCD)
func RunASRepRoast ¶ added in v0.0.190
func RunASRepRoast(ctx context.Context, generalConfig *kerberosfern.PentestKerberosConfig, roastConfig *kerberosfern.PentestKerberosAsRepRoastConfig) (*kerberosfern.PentestKerberosAsRepRoastResult, error)
RunASRepRoast harvests AS-REP hashes (hashcat mode 18200) for principals with pre-auth disabled.
func RunKerberoast ¶ added in v0.0.190
func RunKerberoast(ctx context.Context, generalConfig *kerberosfern.PentestKerberosConfig, roastConfig *kerberosfern.PentestKerberosKerberoastConfig) (*kerberosfern.PentestKerberosKerberoastResult, error)
RunKerberoast harvests TGS-REP hashes for target SPNs for offline cracking (hashcat modes 13100/19600/19700).
func RunPentest ¶ added in v0.0.154
func RunPentest(ctx context.Context, config *kerberosfern.PentestKerberosConfig) (*kerberosfern.PentestKerberosReport, error)
RunPentest dispatches the requested Kerberos attack action(s) and assembles the report.
func RunUserEnum ¶ added in v0.0.190
func RunUserEnum(ctx context.Context, generalConfig *kerberosfern.PentestKerberosConfig, enumConfig *kerberosfern.PentestKerberosUserEnumConfig) (*kerberosfern.PentestKerberosUserEnumResult, error)
RunUserEnum enumerates valid AD principals via Kerberos AS-REQ error codes (credential-free).
Types ¶
Source Files
Click to show internal directories.
Click to hide internal directories.