TimeSync: obtain hash using MS-SNTP for user accounts

by · Published · Updated

TimeSync

Tool to obtain hash using MS-SNTP for user accounts

Requirements

  • Python 3.x
  • ldap3 library for LDAP operations

Installations

  1. Clone the repository:

    git clone https://github.com/yourusername/timeroast.git
    cd timeroast

  2. Install the required Python packages:

    pip install .

Use

timesync -u <username> -p <password> -d <domain> -H <ntlm_hash> -t <target_user>

  • -u--username: Username for authentication (required)
  • -p--password: Password for authentication (required)
  • -d--domain: Domain name (required)
  • -H--hash: NTLM hash for Pass-the-Hash authentication
  • -t--target: Target user or group to query
  • --dc-ip: IP address of the domain controller to avoid DNS resolution issues

Example

Extract hash for user test in domain test.local

timesync -u test -p test -d test.local -t test

Extract all hashes for users in group group1 with verbosity

timesync -u test -p test -d test.local -t group1 -v

Extract all hashes for users in domain test.local

timesync -u test -p test -d test.local

Source: https://github.com/PShlyundin/

Tags: