Description
Forges a Kerberos Silver Ticket for a specific service using the service account key.
Overview
Forges a Kerberos Silver Ticket (TGS) for a specific service using the service account’s key. Silver Tickets provide access to a single service without contacting the KDC, making them stealthier than Golden Tickets.
Arguments
| Parameter | Type | Description |
|---|---|---|
| User | string | The username for the forged ticket. |
| Domain | string | The target domain FQDN. |
| SID | string | The domain SID. |
| Service | string | The target SPN (e.g., cifs/server.domain.com). |
| RC4 | string | The RC4/NTLM hash of the service account. |
| AES256 | string | The AES256 key of the service account. |
| EncType | string | The encryption type for the ticket. |
| Groups | string | Comma-separated group RIDs to include. |
| Id | int | The user RID for the forged ticket. |
| Ptt | switch | Pass the ticket into the current session. |
| Ldap | switch | Retrieve domain info via LDAP for realistic ticket. |
Additional Parameters
- DC: Domain controller for LDAP lookups.
Dependencies
- AD
Operating Systems
- Windows