-Added /outfile:X to output hashes to a file for kerberoast/asreproast, one hash per line
-changed asreproast's default behavior to match kerberoast
-clustered the default output help menu around function (things were getting crowded)
See CHANGELOG.md for full details
[new] "asktgs" action
-takes /ptt:X, /dc:X, /ticket:X flags like asktgt
- /service:X takes one or more SPN specifications
[new] "tgtdeleg" action
-reimplements @gentilkiwi's Kekeo tgt::deleg action
-uses the GSS-API Kerberos specification (RFC 4121) to request a "fake" delegation context that stores a KRB-CRED in the Authenticator Checksum
-combined with extracting the service session key from the local cache, this allows us to recover usable TGTs for the current user without elevation
[added] "s4u" action
-Added option for multiple alternate snames (/altservice:X,Y,...)
-This executes the S4U2self/S4U2proxy process only once, and substitutes the multiple alternate service names
into the final resulting service ticket structure(s) for as many snames as specified
[fix] "dump" action
-Corrected extraction of complete ServiceName/TargetName strings
[fix] "asreproast" action
-fixed salt demarcation line for "asreproast" hashes
-added eventual hashcat output format, use "/format:<john/hashcat>", default of "john"
[fix] "kerberoast" action
-Added reference for @machsosec for the KerberosRequestorSecurityToken.GetRequest Kerberoasting Method()
-Corrected encType extraction for the hash output
--The executes the S4U2self/S4U2proxy process only once, and substitutes the multiple alternate
service names into the final resulting service ticket structure(s) for as many snames as specified
HarmJ0y
Dwight Hohnstein