Hi,
at first awesome tool.
I encountered an issue with the skeleton key scan. In an upgraded domain (e.g. from 2003 to 2008) it can happen that systems didn't logged in since the upgrade, hence they don't support Encryption-Type 0x12 (AES-256). As your scan picks an arbitrary system it can lead to false-positives.
A solution could be to check if the system has a lastlogontimestamp < 14 days.
Cheers
Hi,
at first awesome tool.
I encountered an issue with the skeleton key scan. In an upgraded domain (e.g. from 2003 to 2008) it can happen that systems didn't logged in since the upgrade, hence they don't support Encryption-Type 0x12 (AES-256). As your scan picks an arbitrary system it can lead to false-positives.
A solution could be to check if the system has a lastlogontimestamp < 14 days.
Cheers