Task 4 - Enumerating Users via Kerberos

Task 4 Enumeration Enumerating Users via Kerberos

In order to use Kerbrute to enumerate the users, you will also need to download the provided User List and Password List which you can get from Sq00ky's repo attacktive-directory-tools.

What command within Kerbrute will allow us to enumerate valid usernames?

HINT: ./kerbrute -h may help you

Kerbrute bruteforces and enumerates valid Active Directory accounts through Kerberos Pre-Authentication. The following command will attempt to enumerate valid usernames given a list of usernames to try:

kerbrute

kerbrute userenum -d domain.tld usernames.txt

Reveal Flag 🚩

🚩userenum

What notable account is discovered?

(These should jump out at you)

Reveal Flag 🚩

🚩svc-admin

What is the other notable account is discovered?

(These should jump out at you)

Reveal Flag 🚩

🚩backup