noPac
December 16, 2021 ยท View on GitHub
This Fork now supports more encryption schemes (default is now AES256) for better OPSEC and improved usage in cases that the target domain disabled RC4 support.
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. Yet another low effort domain user to domain admin exploit.
If a Domain Controller is vulnerable it will return a TGT without a PAC, so keep an eye on small size tickets.


Mitigation
Patch your Domain Controllers!
Credits
cube0x0 for the original noPac code
Charlie Clark for his Rubeus fork and Kevin Robertson for SharpMad