[changed]
-Merged @mark-s' PR that broke out Program.cs' commands into 'Command' classes for easier command addition.
-Commands that pass /dc:X are now passed through Networking.GetDCIP(), which resolves the DC name (if null) and returns the DC IP. Code refactored to use this centralized resolver.
-The /user:USER flag can now be /user:DOMAIN.COM\USER (auto-completes /domain:Y).
-The "harvest" command now returns the user ticket with the latest renew_till time on intial extraction.
[new] "asktgs" action
-takes /ptt:X, /dc:X, /ticket:X flags like asktgt
- /service:X takes one or more SPN specifications
[new] "tgtdeleg" action
-reimplements @gentilkiwi's Kekeo tgt::deleg action
-uses the GSS-API Kerberos specification (RFC 4121) to request a "fake" delegation context that stores a KRB-CRED in the Authenticator Checksum
-combined with extracting the service session key from the local cache, this allows us to recover usable TGTs for the current user without elevation
[added] "s4u" action
-Added option for multiple alternate snames (/altservice:X,Y,...)
-This executes the S4U2self/S4U2proxy process only once, and substitutes the multiple alternate service names
into the final resulting service ticket structure(s) for as many snames as specified
[fix] "dump" action
-Corrected extraction of complete ServiceName/TargetName strings
[fix] "asreproast" action
-fixed salt demarcation line for "asreproast" hashes
-added eventual hashcat output format, use "/format:<john/hashcat>", default of "john"
[fix] "kerberoast" action
-Added reference for @machsosec for the KerberosRequestorSecurityToken.GetRequest Kerberoasting Method()
-Corrected encType extraction for the hash output
--The executes the S4U2self/S4U2proxy process only once, and substitutes the multiple alternate
service names into the final resulting service ticket structure(s) for as many snames as specified