Skip to content

Add Kerberos type hashes to cracking #20881

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
h00die wants to merge 6 commits into
base: master
Choose a base branch
from
Draft

Add Kerberos type hashes to cracking #20881

h00die wants to merge 6 commits into from
+205 −107

Conversation

@h00die
Copy link
Contributor

@h00die h00die commented Jan 18, 2026

fixes #20871
fixes #20872

Drafted while I finish up hash_crack_validator.rb

@h00die
Copy link
Contributor Author

h00die commented Jan 18, 2026
edited
Loading

Use crack_windows in hashcat mode:

[+] Cracked Hashes
==============

 DB ID  Hash Type       Username        Cracked Password  Method
 -----  ---------       --------        ----------------  ------
 121    krb5tgs-rc4     krb5tgs-rc4     Password1!        Already Cracked/POT
 122    krb5tgs-aes128  krb5tgs-aes128  hashcat           Already Cracked/POT
 123    krb5tgs-aes256  krb5tgs-aes256  hashcat           Already Cracked/POT
 124    krb5asrep-rc4   krb5asrep-rc4   hashcat           Already Cracked/POT
 125    timeroast       timeroast       hashcat           Already Cracked/POT

sjanusz-r7
sjanusz-r7 reviewed Jan 22, 2026
View reviewed changes
lib/metasploit/framework/password_crackers/hashcat/formatter.rb
nil
when /^krb5$/
return "#{cred.id}:#{cred.private.data}"
# when /^krb5$/
Copy link
Contributor

@sjanusz-r7 sjanusz-r7 Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are we concerned about the exact krb5 string not being matched against any cred private type anymore? e.g. would we miss any matches and fall through? /^(krb5.|timeroast$)/ matches different values than /^krb5$/.

@h00die
Copy link
Contributor Author

h00die commented Jan 25, 2026

#20881 is a prerequisite as I pulled out a bunch of the john fixes to make this easier to look at.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sjanusz-r7 sjanusz-r7 sjanusz-r7 left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@jheysel-r7 jheysel-r7

Labels

enhancement

Projects

Metasploit Kanban
Status: Todo

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Timeroast Cracking Support Kerberoast Improvements

3 participants

@h00die @sjanusz-r7 @jheysel-r7