From f047b1d429b18e99511bb40c0b9404da688fc65c Mon Sep 17 00:00:00 2001 From: 0xe7 Date: Mon, 7 Sep 2020 21:16:20 +0100 Subject: [PATCH] fixing kerberoasting when using TGT to authenticate but not supplying SPNs --- Rubeus/lib/Roast.cs | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Rubeus/lib/Roast.cs b/Rubeus/lib/Roast.cs index d4c53ced..1ab799e6 100755 --- a/Rubeus/lib/Roast.cs +++ b/Rubeus/lib/Roast.cs @@ -7,6 +7,7 @@ using System.DirectoryServices; using System.DirectoryServices.AccountManagement; using System.Collections.Generic; +using Rubeus.lib.Interop; namespace Rubeus { @@ -333,6 +334,12 @@ public static void Kerberoast(string spn = "", List spns = null, string } } + if (TGT != null) + { + byte[] kirbiBytes = TGT.Encode().Encode(); + LSA.ImportTicket(kirbiBytes, new LUID()); + } + DirectoryEntry directoryObject = null; DirectorySearcher userSearcher = null;