Project description

kerbrute

An script to perform kerberos bruteforcing by using the Impacket library.

When is executed, as input it receives a user or list of users and a password or list of password. Then is performs a brute-force attack to enumerate:

Valid username/passwords pairs
Valid usernames
Usernames without pre-authentication required

As a result, the script generates a list of valid credentials discovered, and the TGT's generated due those valid credentials.

Installation

From pypi:

pip3 install kerbrute

From repo:

git clone https://github.com/TarlogicSecurity/kerbrute
cd kerbrute
pip install -r requirements.txt

Use

Help without arguments:

root@kali:~# kerbrute
Impacket v0.9.18 - Copyright 2018 SecureAuth Corporation

usage: kerbrute.py [-h] [-debug] (-user USER | -users USERS)
                   [-password PASSWORD | -passwords PASSWORDS] -domain DOMAIN
                   [-dc-ip <ip_address>] [-threads THREADS]
                   [-outputfile OUTPUTFILE] [-no-save-ticket]

optional arguments:
  -h, --help            show this help message and exit
  -debug                Turn DEBUG output ON
  -user USER            User to perform bruteforcing
  -users USERS          File with user per line
  -password PASSWORD    Password to perform bruteforcing
  -passwords PASSWORDS  File with password per line
  -domain DOMAIN        Domain to perform bruteforcing
  -dc-ip <ip_address>   IP Address of the domain controller
  -threads THREADS      Number of threads to perform bruteforcing. Default = 1
  -outputfile OUTPUTFILE
                        File to save discovered user:password
  -no-save-ticket       Do not save retrieved TGTs with correct credentials

Examples: 
	./kerbrute.py -users users_file.txt -passwords passwords_file.txt -domain contoso.com

Example of execution:

root@kali:~# kerbrute -domain jurassic.park -users users.txt -passwords passwords.txt -outputfile jurassic_passwords.txt
Impacket v0.9.18 - Copyright 2018 SecureAuth Corporation

[*] Stupendous => triceratops:Sh4rpH0rns
[*] Saved TGT in triceratops.ccache
[*] Valid user => velociraptor [NOT PREAUTH]
[*] Valid user => trex
[*] Saved discovered passwords in jurassic_passwords.txt

Project details

These details have not been verified by PyPI

Release history Release notifications | RSS feed

This version

0.0.2

Jun 3, 2020

0.0.1

Jun 3, 2020

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

kerbrute-0.0.2.tar.gz (16.9 kB view details)

Uploaded Jun 3, 2020 Source

Built Distribution

kerbrute-0.0.2-py3-none-any.whl (17.6 kB view details)

Uploaded Jun 3, 2020 Python 3

File details

Details for the file kerbrute-0.0.2.tar.gz.

File metadata

Download URL: kerbrute-0.0.2.tar.gz
Upload date: Jun 3, 2020
Size: 16.9 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.7.3

File hashes

Hashes for kerbrute-0.0.2.tar.gz
Algorithm	Hash digest
SHA256	`a24ff2b6d452902684755e1a336ebbd2a1118e00c1965e8e8b72f94d5e581040`
MD5	`3265345679c3e27a2a556355ce6fcb0b`
BLAKE2b-256	`7303992f4097bcb3bb108b40e30944d6775273ca2c188bdb22340c07d059fce0`

See more details on using hashes here.

File details

Details for the file kerbrute-0.0.2-py3-none-any.whl.

File metadata

Download URL: kerbrute-0.0.2-py3-none-any.whl
Upload date: Jun 3, 2020
Size: 17.6 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.7.3

File hashes

Hashes for kerbrute-0.0.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`a5764c262aa2e7ef4ea24f67435316b7b28917a4eeed8163d683053ad83e6a5b`
MD5	`19e8e4e3bf1c5d6e2ba92e85eb5d1d2e`
BLAKE2b-256	`4b5c73c5479bee2d243374364d8c0be43396d440947a764e7b6c81406b7b57cf`