Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password. Either of the resulting keys can be utilized with Impacket’s to obtain a TGT for the account, provided it is configured to support AES encryption.

This is a Python port of Kevin Robertson’s Get-KerberosAESKey.ps1


Keep in mind AD user account names are case sensitive when supplying the -user flag

Calculate AES keys for a AD user account:

python3 -domain domain.local -user matt -pass Password1

Calculate AES keys for an AD computer account:

python3 -domain domain.local -user laptop123 -pass Password1 -host

Use Impacket’s with a resulting AES key to obtain a TGT:

python3 domain.local/matt -aesKey <AES256/128 key>


View Github