Getting Passwords When Kerberos Pre-Auth IS Enabled 

Best videos i have ever watched on Kerberos. May god bless you

Nice explanation! Always happy to see new content.

Thank you so much! you helped me with a CTF challange I tried for days

Your content is amazing, thanks a lot!!

Great video man. You have gained a new subscriber. To protect the pre-auth data kerberos error spoofing , Kerberos armoring can be implemented. Please make a video on that if possible.

Another great video!

Hi vb! Great vid first of all, learned a ton, but i have one small question. At the beginning of the video, you show the as-req request that the client makes to the DC and that request contains the timestamp that has been encrypted by the client's password. I was able to capture the as-req packet in wireshark and i was able to see the cipher that represents that timestamp encrypted with the users password. But one thing that wasn't the same for me as for you, is that the etype for the hash was 23 and not 18 as shown in your example. In the vid, you also said that the etype 23 is weaker that etype 18 so its easier to crack. I tried running hashcat against the hash for type 18 and type 23 but i didn't get any results even though i put the right password as first in the wordlist. I heard that you said found some blog posts online when people demonstrate the same attack and their etype is 23, Could you please send me some of these blogs so i can try to crack my hash? Thanks a lot, in advance : )

May be not common for CTFs but very likely to happen in any type of Pentest as good old tcpdump should always be running while testing ;) Who knows... maybe someone configured a Vuln Scanner for an authenticated scan with a very bad password? Sniffing and cracking are still actual whatever we say. Always check your RoE and Scope though)))

I need to ask you

For more notes on kerberos visit the best website educationlinks.in/what-is-kerberos/