GetUserSPNs.py in Attack Domain Trusts - Cross-Forest Trust Abuse - from Linux

I’m working through Active Directory Enumeration & Attacks “Attacking Domain Trusts - Cross-Forest Trust Abuse - from Linux”, and every time I run GetUserSPNs.py with the -request flag I get the error [-] [Errno Connection error (INLANEFREIGHT:88)] [Errno -3] Temporary failure in name resolution. GetUserSPNs.py works in terms of enumerating users, but it fails whenever I use the flags -request or -request-user to attempt to get the TGS. I’ve tried editing /etc/resolv.conf as well with the nameservers, but I keep getting the same error. Anyone know why this is happening or can offer any help? Thanks in advance.

I ran the command < GetUserSPNs.py -target-domain FREIGHTLOGISTICS.LOCAL INLANEFREIGHT/wley > wley credentials were found earlier in the module.

1 Like

My question wasn’t in regards to credentials, but around how when you add the -request flag to that otherwise working command, you get the error. I figured out though that you need to specify INLANEFREIGHT.LOCAL\wley when adding the -request flag to not result in that DNS error.

I specified INLANEFREIGHT.LOCAL\wley but keeps getting the error Principal: FREIGHTLOGISTICS.LOCAL\sapsso - [Errno 104] Connection reset by peer. Anyone encountered this as well?

1 Like

Yes i have the same error were u able to resolve it?

Yes. Use the -dc-ip flag instead of the target-domain flag. The IP of the Domain Controller should be already known through enumeration in the previous sections.