TGS-REP TICKET decrypting problem

somenath saha saha.somenath.88 at gmail.com
Tue Jun 10 07:11:32 EDT 2014


thanks max,

    currently I am trying to use the NTDSXtract tool. I think esedbexport works only
in UNIX. Am I right, max?



On Tue, Jun 10, 2014 at 4:36 PM, Wang Weijun <weijun.wang at oracle.com> wrote:

> Good news.
>
> The NTDSXtract tool described on the Wireshark wiki works. I am now able
> to decrypt an initial TGT and can confirm the session key inside is the
> same as the one in the AS-REP.
>
> My AD is Windows 2008 R2.
>
> --Max
>
> On Jun 10, 2014, at 16:16, Wang Weijun <weijun.wang at oracle.com> wrote:
>
> > I don't have a better answer. Maybe you can try the other tools
> > mentioned on the page.
> >
> > --max
> >
> > On Jun 10, 2014, at 15:17, somenath saha <saha.somenath.88 at gmail.com> wrote:
> >
> >> thanks Wang, but it did not help me as ktexport doesn't work. Please
> >> provide me some other solution. I'm still stuck.
> >>
> >> regards,
> >> somenath
> >>
> >>
> >> On Tue, Jun 10, 2014 at 10:15 AM, Wang Weijun <weijun.wang at oracle.com> wrote:
> >> Windows hides the keys in a "protected storage". After some googling, I
> >> found a page showing how to reset or extract those keys. Hope it helps (I
> >> haven't tried it).
> >>
> >>  http://wiki.wireshark.org/Kerberos
> >>
> >> --max
> >
>
>


More information about the krbdev mailing list