Comments (14)
Hey @MichaelGrafnetter thanks for pointing this out! I'm downloading TP5 now and will give a try with impacket. Right now I'm expecting receiving DRS_EXT_GETCHGREPLY_V6. Cannot you control that through DRSBind.dwFlags?
from mimikatz.
@asolino It seems that once PAM is enabled, DC only returns DRS_MSG_GETCHGREPLY_V9 and fails if the client does not support it, because otherwise it could not tell the client about the expiring links.
from mimikatz.
more than just fun with flags
from mimikatz.
@gentilkiwi You read my mind!
from mimikatz.
All right.. fair point.. thanks for the clarification @MichaelGrafnetter!
from mimikatz.
There are still a few undocumented flags, because TP5 returns this in DRS_EXTENSIONS_INT with RB+PAM enabled:
dwExtCaps = 2047
dwFlagsExt = 526
dwFlags = 1073741695
from mimikatz.
I get it to work, you need 0x200 ;)
from mimikatz.
So it was fun with flags after all... Sorry for spreading unverified info, @asolino. But to my excuse, even the doc is somewhat smoke and mirrors.
from mimikatz.
It could have been much more complex.
Fortunately, the structures have very compatible unions (Req v8/v10 & Rep v6/v9)
from mimikatz.
I have fixed it in DSInternals, too, but you beat me to it. Nevertheless, I just learned something and I had fun doing it. ;-)
from mimikatz.
Because I don't want to give a fuck about future flags:
- DRS_EXT_RECYCLE_BIN
- DRS_EXT_PAM
- ...
ac09c27 (pDrsExtensionsInt->dwExtCaps = MAXDWORD32)
Thank you for nice exchanges @MichaelGrafnetter & @asolino
from mimikatz.
That's uber potential! ;) ;) :)
thanks for the quick turn around.. and likewise @gentilkiwi & @MichaelGrafnetter
from mimikatz.
@gentilkiwi Hopefully, your cannonball approach will turn out to be futureproof. And Ben, you really are a meme machine! ;-)
from mimikatz.