Description
Requests a Kerberos TGT from the KDC using the specified credentials.
Overview
Requests a Kerberos TGT (Ticket Granting Ticket) from the KDC using the specified credentials. Supports password, NTLM hash, AES key, and certificate-based authentication.
Arguments
| Parameter | Type | Description |
|---|---|---|
| User | string | The username to request the TGT for. |
| Domain | string | The target domain. Defaults to the current domain. |
| Password | string | The plaintext password for authentication. |
| RC4 | string | The RC4/NTLM hash for authentication. |
| AES256 | string | The AES256 key for authentication. |
| DC | string | The domain controller to target. |
| EncType | string | The encryption type to request (RC4, AES128, AES256, DES). |
| Ptt | switch | Pass the ticket into the current session. |
Additional Parameters
- AES128: AES128 key for authentication.
- DES: DES key for authentication.
- Certificate: Certificate for PKINIT authentication.
- Luid: Target logon session ID.
- Opsec: Use opsec-safe request format.
- Force: Force ticket request even if one exists.
- NoPAC: Request TGT without PAC.
- NoPreAuth: Send AS-REQ without pre-authentication.
- NoWrap: Do not wrap output ticket in column.
- PrintArgs: Print parsed arguments.
Dependencies
- AD
Operating Systems
- Windows