Description
Forges a Kerberos Golden Ticket using the krbtgt key.
Overview
Forges a Kerberos Golden Ticket using the krbtgt account key. Golden Tickets grant unrestricted access to any service in the domain by forging a valid TGT with arbitrary group memberships and user identity.
Arguments
| Parameter | Type | Description |
|---|---|---|
| User | string | The username for the forged ticket. |
| Domain | string | The target domain FQDN. |
| SID | string | The domain SID. |
| RC4 | string | The RC4/NTLM hash of the krbtgt account. |
| AES256 | string | The AES256 key of the krbtgt account. |
| EncType | string | The encryption type for the ticket. |
| Groups | string | Comma-separated group RIDs to include. |
| Id | int | The user RID for the forged ticket. |
| Ptt | switch | Pass the ticket into the current session. |
| Ldap | switch | Retrieve domain info via LDAP for realistic ticket. |
Additional Parameters
- DC: Domain controller for LDAP lookups.
- AdditionalSIDs: Extra SIDs to add to the ticket PAC.
Dependencies
- AD
Operating Systems
- Windows