It is vulnerable to the user whose Do not require Kerberos preauthentication is enabled . It will send AS-REQ and AS-REP we will receive the hash of that user

• Checking user
• Extracting hash