TGS-REP TICKET decrypting problem
Wang Weijun
weijun.wang at oracle.com
Tue Jun 10 07:06:25 EDT 2014
Good news.
The NTDSXtract tool described on the Wireshark wiki works. I am now able to decrypt an initial TGT and can confirm the session key inside is the same as the one in the AS-REP.
My AD is Windows 2008 R2.
--Max
On Jun 10, 2014, at 16:16, Wang Weijun <weijun.wang at oracle.com> wrote:
> I don't have a better answer. Maybe you can try the other tools mentioned on the page.
>
> --max
>
> On Jun 10, 2014, at 15:17, somenath saha <saha.somenath.88 at gmail.com> wrote:
>
>> thanks Wang. but it did not help me as ktexport doesn't work. please provide me some other solution. i'm stuck yet.
>>
>> regards,
>> somenath
>>
>>
>> On Tue, Jun 10, 2014 at 10:15 AM, Wang Weijun <weijun.wang at oracle.com> wrote:
>> Windows hides the keys in a "protected storage". After some googling, I find a page showing how to reset or extract those keys. Hope it helps (I haven't tried it).
>>
>> http://wiki.wireshark.org/Kerberos
>>
>> --max
>
More information about the krbdev
mailing list