Now that you have a list of valid users, test them for AS-REP Roasting. This attack targets users who do not require Kerberos pre-authentication, allowing an attacker to request a ticket and crack the password hash offline. Use the Impacket tool GetNPUsers.py :
evil-winrm -u svc-alfresco -p s3rvice -i 10.10.10.161 forest hackthebox walkthrough best
We need to check which of the users we found has "Pre-Auth" disabled. We can do this using the GetNPUsers.py script from the Impacket suite. Now that you have a list of valid