From a4727e972aae4afca3efdeaa91186dbf757a9b69 Mon Sep 17 00:00:00 2001
From: six-two <git@six-two.dev>
Date: Sat, 17 Aug 2024 18:34:19 +0200
Subject: [PATCH] Added KDC_ERR_CLIENT_NOT_TRUSTED problem to README

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index bc729dc..41b20a6 100644
--- a/README.md
+++ b/README.md
@@ -94,6 +94,7 @@ Done. Saved forged certificate to localadmin.pfx with the password 'NewPassword1
 
 This forgery can be done on an attacker-controlled system, and the resulting certificate can be used with [Rubeus](https://github.com/GhostPack/Rubeus) to request a TGT (and/or retrieve the user's NTLM ;)
 
+If you get the `KRB-ERROR (62) : KDC_ERR_CLIENT_NOT_TRUSTED` when requesting the TGT with Rubeus, try forging your certificate with a CRL (`--CRL <LDAP_PATH>`).
 
 ## Defensive Considerations