In Kerberos, the answer is effectively no. To generate the NT hash, the password is hashed using a single round of MD4. This is what is used to encrypt (and sign) tickets.
The attack is, guess a password, hash it, and attempt to decrypt.
With AES Kerberos keys there is a salt... but not a good one. It is just the domain (realm) and the username.
The attack is, guess a password, hash it, and attempt to decrypt.
With AES Kerberos keys there is a salt... but not a good one. It is just the domain (realm) and the username.