Red Teaming Active Directory Lab #2 Task 2 Constrained Delegation

I am working on Constrained Delegation part of the lab and I have used rubeus to create the service ticket for http on dev01 with this command:

This is asinine that I can only embed one image at a time I will reply with the rest I guess

When I check to see if the ticked is imported it is indeed listed:

When I try to interact with DEV01 using ps remoting I get this error:

Can you try without username and password flags?

yeah I did that. I also just ran invoke-command -computername dev01 -scriptblock{hostname} with the same error.

I also tried switching to CIFS too and just ran shellcmd to run dir on C$ with access denied. I think I may be on to something. I am going to do do some testing tonight or tomorrow to figure out if my theory is right or not.

figured this out on my own. Pay close attention to how you request your ticket. if you use the FQDN then make sure you reference the the host by the FQDN when trying to access the service.

1 Like