Description
Substitutes the service name in an existing TGS ticket to target a different service.
Overview
Substitutes the service name (SPN) in an existing Kerberos TGS ticket. Since the service name in a TGS ticket is not cryptographically protected, it can be modified to target a different service on the same host without re-requesting the ticket.
Arguments
| Parameter | Type | Description |
|---|---|---|
| Ticket | string | The base64-encoded ticket to modify. |
| AltService | string | The new service name (e.g., cifs, ldap, http). |
| Ptt | switch | Pass the modified ticket into the current session. |
Additional Parameters
- SRealm: Override the service realm.
Dependencies
- AD
Operating Systems
- Windows