From d1060930c7af88730e983155077b56b3cc47a4dc Mon Sep 17 00:00:00 2001
From: Mike Brancato <mbrancato@users.noreply.github.com>
Date: Wed, 4 Jan 2017 23:23:25 -0500
Subject: Fix errors gathering the forest SID

Pull the SID directly from the 'krbtgt' user to avoid errors in ConvertTo-SID
---
 Recon/PowerView.ps1 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'Recon/PowerView.ps1')

diff --git a/Recon/PowerView.ps1 b/Recon/PowerView.ps1
index 17d5b9e..5598dbe 100755
--- a/Recon/PowerView.ps1
+++ b/Recon/PowerView.ps1
@@ -3891,10 +3891,10 @@ to the forest root domain SID.
         if ($ForestObject) {
             # get the SID of the forest root
             if ($PSBoundParameters['Credential']) {
-                $ForestSid = ConvertTo-SID -ObjectName "krbtgt@$($ForestObject.RootDomain)" -Credential $Credential
+                $ForestSid = (Get-DomainUser -Identity "krbtgt" -Domain $ForestObject.RootDomain.Name -Credential $Credential).objectsid
             }
             else {
-                $ForestSid = ConvertTo-SID -ObjectName "krbtgt@$($ForestObject.RootDomain)"
+                $ForestSid = (Get-DomainUser -Identity "krbtgt" -Domain $ForestObject.RootDomain.Name).objectsid
             }
 
             $Parts = $ForestSid -Split '-'
-- 
cgit v1.2.3