Hi. Thank you very much for your time writing this tool!

I can successfully add shadow credentials when authenticating using a plaintext password but when I try the same using Kerberos authentication on the same machine in the same "session" it fails with "invalid server address". I have tested all kind of variations of the parameters such as "-d [domain]" and "--dc-ip [DC IP]" in various locations of the command but I always get the same error. Note that I have no issues using for example Impacket's secretsdump script with Kerberos in the same environment.

I also noted that you have not used the "-k" parameter in any of your examples here so I cannot check my command against an example.

Hey there! Strange... it should work. Can you attack screenshots or logs of your tests? Please use -vv to have debug level logs.

Sure! In the screenshot you see a working TGT request, export of the credential cache, a list of the active ticket and the attempt to add shadow credentials authenticating using Kerberos which fails. I used the flag "-vv" for that but I got no extra output.

At the end of the screenshot you see a working example of adding shadow credentials authenticating using a plaintext password and using the same accounts and the same DC as above.

Hey @jsdhasfeds, I just created a PR solving the issue, feel free to try it out :)

Should be fixed in #3 and #4, closing the issue, feel free to open it again if needed 😉