How to connect to DC1 Windows Attacks & Defence

i still getting same Sid (looking in security logs), sorted by time and checked but still same bro
can you share event ID?

Event ID 4769

still no luck

First do the attack and then check the event log

ohh, thanks bro i will try that

thanks so much bro, got it
Note - whoever follow this conversation, to get the answer do the Kerberoasting attack first and then RDP to DC1 straightaway

1 Like

does need filter out the service name , i had try filter on Security , Event ID is 4769 , filter all the ServerSid to the file for easy to look but all that is wrong answer

oh nerver mind i got it

1 Like

I understand that for Kerberoasting and AS-REProasting there’s issues for connecting to the Kali VM. I had the same problem, but to sort it I carried out the first part of each section (using Rubeus) on the WS001 VM that is mentioned in the question. After that I connected to Kali using the details supplied in Coercing Attacks & Unconstrained Delegation in order to complete the Kali section.

More specific details: I copied the file contents of the outfile into notes on my own laptop, before recreating that txt file in the Kali VM. In order to do the second question of both, simply run the Rubeus on WS001 and then connect to DC1 and your results will be there without needing to use the Kali VM.

Hope this helps anyone that felt like they couldn’t complete the question because they don’t have access to Kali on their own device.

{EDIT} There is also extra IP addresses for the VMs located in the Overview and Lab Environment section - Completely missed this and it is probably the way you’re meant to do it.

Hey Liam,
I was wondering if you could help me out. The kali VM is not working for me either. I noticed that you mention to use WS001 VM for the AS-REProasting attack. I was successful in using that VM for the Kerberoasting, but when it comes to the AS-REProasting attack, i go to use hashcat and i the “passwords.txt” file is nowhere to be found. I assumed that it was on the kali box but some people seem to be successful. If you have any advice, it would be much appreciated! thank you

Hi, I see where your problem seems to be. I went to run the attack again using the credentials supplied in the overview but they did not work for me.

Instead, I would encourage connecting to Kali through the other credentials supplied; as previously mentioned “After that I connected to Kali using the details supplied in Coercing Attacks & Unconstrained Delegation in order to complete the Kali section”.

This way, the passwords.txt file will be in the home directory (the one you will currently be in when connecting).

Hope this helps!

1 Like

This makes sense. I would not assume one would have to jump ahead sections to circumvent that process, but otherwise, there would be no way. Very clever! Thanks again for your help.

i am having issue logging into the kali machine. i have tried the ip from the documentation on the previous page but cant not connect via ssh or xfreerdp. plz help

did you solve this yet? if not let me know i figured it out

when solving these modules, 60-70% of the time is spent looking for workarounds how to connect to something etc…

After connecting to RDP you can get SID with CMD query, the name is provided in the question field.