Attacking Active Directory: AS-REP Roasting

AS-REP Roasting This attack is caused by a domain user not having Kerberos pre-authentication enabled. For this Demo i'll be using my Active Directory lab project ( DOA lab ) check it out my GitHub. LAB DIAGRAM AND SPECS Specifications VM Name OS IP Address Role Specs DOA-DC Windows Server 2019 10.0.2.7 (static) Domain Controller 4GB RAM, 50GB HDD DOA-PC01 Windows 10 Pro 10.0.2.101 (DHCP) Domain-joined client 2GB RAM, 40GB HDD DOA-PC02 Windows 10 Pro 10.0.2.100 (DHCP) Domain-joined client 2GB RAM, 40GB HDD KALI Kali Linux 6.18 10.0.2.250 (static) Attack Machine 4GB RAM, 80GB HDD domain name: doa.local Attack Demo Step 1 — Disable Pre-Authentication On the domain controller, disable pre-authentication using the Disable-KerbPreAuth.ps1 script, which randomly selects 2 users under the "LabUsers" OU and disables their pre-authentication. Looks like ujack and kchimaev were randomly selected (natural selection, I guess). To verify, checking the user properties confirms the "Do Not Require Ke