Autodetect DC from realm for /changepw

Make /changepw use the user realm when autodetecting the DC.
GhostPack · Apr 24, 2023 · 132f604 · 132f604
1 parent bec0e35
commit 132f604
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/Rubeus/lib/Reset.cs b/Rubeus/lib/Reset.cs
@@ -28,13 +28,13 @@ public static void UserPassword(KRB_CRED kirbi, string newPassword, string domai
             //      KRB-PRIV structure containing ChangePasswdData, enc w/ the sub session key
             // reference: Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols (RFC3244)
 
-            string dcIP = Networking.GetDCIP(domainController);
-            if (String.IsNullOrEmpty(dcIP)) { return; }
-
             // extract the user and domain from the existing .kirbi ticket
             string userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
             string userDomain = kirbi.enc_part.ticket_info[0].prealm;
 
+            string dcIP = Networking.GetDCIP(domainController, false, userDomain);
+            if (String.IsNullOrEmpty(dcIP)) { return; }
+
             if (targetUser == null) {
                 Console.WriteLine("[*] Changing password for user: {0}@{1}", userName, userDomain);
             } else {