-
-
Notifications
You must be signed in to change notification settings - Fork 86
Kerberos
Simone Margaritelli edited this page Oct 25, 2023
·
1 revision
Kerberos 5 Pre Auth (users enumeration and password authentication).
NOTE: due to the way that the realm string is uppercase'd in order to generate the cryptographic salt for Microsoft domain controllers, you'll need to add the --kerberos-linux argument when targeting Linux Kerberos servers.
| Name | Description |
|---|---|
--kerberos-realm <KERBEROS_REALM> |
Kerberos realm |
--kerberos-protocol <KERBEROS_PROTOCOL> |
Kerberos transport protocol [default: tcp] [possible values: udp, tcp] |
--kerberos-linux |
If targeting a Linux Kerberos5 implementation, pass this flag to preserve the realm string case |
legba kerberos \
--target 127.0.0.1 \
--username admin \
--password wordlists/passwords.txt \
--kerberos-realm example.org- Installation and Building
- Usage & Main Options
- REST API
- Recipes
- Plugins
- AMQP (ActiveMQ, RabbitMQ, Qpid, JORAM and Solace)
- DNS
- FTP
- HTTP
- IMAP
- Kerberos
- LDAP
- MongoDB
- MQTT
- Microsoft SQL
- MySQL
- Oracle
- Port Scanner
- PostgreSQL
- POP3
- RDP
- Redis
- Samba
- ScyllaDB / Cassandra
- SSH / SFTP
- SMTP
- SOCKS5
- STOMP (ActiveMQ, RabbitMQ, HornetQ and OpenMQ)
- Telnet
- VNC
- Custom Binary