@dreamerscoffee said:
Thanks for making this video. It really helped with understanding getnpusers. I do have to say that I’ve never actually seen a user in real life with preauthentication turned off or seen an application that requires it. I’m sure it must exist for Microsoft to keep supporting the option.
Yeah I find it pretty weird that the option even exists, as it completely destroys the security of any user account you enable it on. But there must be some legacy software out there that does kerberos auth but doesn’t do pre auth. Weirdly when you connect to an SMB share in windows, it first tries kerberos without pre auth, which fails and so then it tries it with pre auth. That’s still the case even in the latest version of Windows 10.
Great video! Thank you for sharing. I am always curious about how those tools work… Please consider making more of these explaination videos of common tools!
Great video! Thank you for sharing. I am always curious about how those tools work… Please consider making more of these explaination videos of common tools!
Subscribed!
Thanks and yeah I will be making more very soon. If there’s any in particular you want to see videos on then let me know (windows only - I’m a noob when it comes to linux)
(Quote)
Thanks and yeah I will be making more very soon. If there’s any in particular you want to see videos on then let me know (windows only - I’m a noob when it comes to linux)
Honestly any tool. I am not bad at linux, but an absolut windows noob. Everything you can teach is appreciated.
Great tutorial on GetNPusers.py, very helpful in my first hack on AD. Something to note for those Linux users. The double quote will interpret the $ and try to interpret it, the end result is you will get an error about the hash. Use single quote. Thanks for the tutorial.
Recently seen a few comments from people saying they’d like to understand how the Impacket GetNPUsers script works and what exactly makes an account vulnerable to this kind of attack. So I made this video that hopefully helps
I hope you don’t mind @VbScrub, I had to give you a mention and share your video in my walkthrough. In my opinion you hit the nail explaining this and it’s worth watching so people understand this better.
Recently seen a few comments from people saying they’d like to understand how the Impacket GetNPUsers script works and what exactly makes an account vulnerable to this kind of attack. So I made this video that hopefully helps
I hope you don’t mind @VbScrub, I had to give you a mention and share your video in my walkthrough. In my opinion you hit the nail explaining this and it’s worth watching so people understand this better.
and yeah I will be making more very soon. If there’s any in particular you want to see videos on then let me know (windows only - I’m a noob when it comes to linux)