Description
Scans for accounts that do not require Kerberos pre-authentication.
Overview
Scans a list of usernames to identify accounts that do not require Kerberos pre-authentication (DONT_REQUIRE_PREAUTH). These accounts are vulnerable to AS-REP roasting attacks. This is useful when you have a list of potential usernames but want to identify targets before performing the actual roasting.
Parameter Sets
File
Provide a path to a file on the target containing usernames (one per line) or a comma-separated list of usernames.
| Parameter | Type | Required | Description |
|---|---|---|---|
| Users | string | Yes | Path to a file containing usernames to scan, or comma-separated usernames. |
| Domain | string | No | The target domain. |
| DC | string | No | The domain controller to target. |
Wordlist
Uses a built-in list of common Active Directory usernames to scan.
| Parameter | Type | Required | Description |
|---|---|---|---|
| Wordlist | string[] | No | List of usernames to scan. A built-in wordlist is used by default. |
| Domain | string | No | The target domain. |
| DC | string | No | The domain controller to target. |
Dependencies
- AD
Operating Systems
- Windows