Description
Dumps Kerberos tickets from all logon sessions with base64-encoded ticket data.
Overview
Dumps Kerberos tickets from all logon sessions, including the base64-encoded ticket data. Requires elevated privileges to dump tickets from sessions other than the current user. The extracted tickets can be used with Pass-the-Ticket attacks.
Arguments
| Parameter | Type | Description |
|---|---|---|
| Luid | string | The target logon session LUID. |
| User | string | Filter by client username. |
| Service | string | Filter by service name. |
Additional Parameters
- Server: Filter by server name.
Dependencies
- AD
Operating Systems
- Windows