Kerberos bruteforce utility
Project description
kerbrute
An script to perform kerberos bruteforcing by using the Impacket library.
When is executed, as input it receives a user or list of users and a password or list of password. Then is performs a brute-force attack to enumerate:
- Valid username/passwords pairs
- Valid usernames
- Usernames without pre-authentication required
As a result, the script generates a list of valid credentials discovered, and the TGT's generated due those valid credentials.
Installation
From pypi:
pip3 install kerbrute
From repo:
git clone https://github.com/TarlogicSecurity/kerbrute
cd kerbrute
pip install -r requirements.txt
Use
Help without arguments:
root@kali:~# kerbrute
Impacket v0.9.18 - Copyright 2018 SecureAuth Corporation
usage: kerbrute.py [-h] [-debug] (-user USER | -users USERS)
[-password PASSWORD | -passwords PASSWORDS] -domain DOMAIN
[-dc-ip <ip_address>] [-threads THREADS]
[-outputfile OUTPUTFILE] [-no-save-ticket]
optional arguments:
-h, --help show this help message and exit
-debug Turn DEBUG output ON
-user USER User to perform bruteforcing
-users USERS File with user per line
-password PASSWORD Password to perform bruteforcing
-passwords PASSWORDS File with password per line
-domain DOMAIN Domain to perform bruteforcing
-dc-ip <ip_address> IP Address of the domain controller
-threads THREADS Number of threads to perform bruteforcing. Default = 1
-outputfile OUTPUTFILE
File to save discovered user:password
-no-save-ticket Do not save retrieved TGTs with correct credentials
Examples:
./kerbrute.py -users users_file.txt -passwords passwords_file.txt -domain contoso.com
Example of execution:
root@kali:~# kerbrute -domain jurassic.park -users users.txt -passwords passwords.txt -outputfile jurassic_passwords.txt
Impacket v0.9.18 - Copyright 2018 SecureAuth Corporation
[*] Stupendous => triceratops:Sh4rpH0rns
[*] Saved TGT in triceratops.ccache
[*] Valid user => velociraptor [NOT PREAUTH]
[*] Valid user => trex
[*] Saved discovered passwords in jurassic_passwords.txt
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file kerbrute-0.0.2.tar.gz.
File metadata
- Download URL: kerbrute-0.0.2.tar.gz
- Upload date:
- Size: 16.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.7.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a24ff2b6d452902684755e1a336ebbd2a1118e00c1965e8e8b72f94d5e581040
|
|
| MD5 |
3265345679c3e27a2a556355ce6fcb0b
|
|
| BLAKE2b-256 |
7303992f4097bcb3bb108b40e30944d6775273ca2c188bdb22340c07d059fce0
|
File details
Details for the file kerbrute-0.0.2-py3-none-any.whl.
File metadata
- Download URL: kerbrute-0.0.2-py3-none-any.whl
- Upload date:
- Size: 17.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.7.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a5764c262aa2e7ef4ea24f67435316b7b28917a4eeed8163d683053ad83e6a5b
|
|
| MD5 |
19e8e4e3bf1c5d6e2ba92e85eb5d1d2e
|
|
| BLAKE2b-256 |
4b5c73c5479bee2d243374364d8c0be43396d440947a764e7b6c81406b7b57cf
|
