LinkedinTryHackme

Enumerating & Retrieving Password Policies

  • Enumerando a política de senha - do Linux - Credentialed

crackmapexec smb 172.16.5.5 -u avazquez -p Password123 --pass-pol

  • Usando rpcclient

rpcclient -U "" -N 172.16.5.5

querydominfo

getdompwinfo : Obtendo a politica de senha

  • Usando enum4linux

enum4linux -P 172.16.5.5

  • Usando enum4linux-ng

enum4linux-ng -P 172.16.5.5 -oA ilfreight

  • Exibindo o conteúdo de ilfreight.json

cat ilfreight.json

  • Usando ldapsearch

ldapsearch -h 172.16.5.5 -x -b "DC=INLANEFREIGHT,DC=LOCAL" -s sub "*" | grep -m 1 -B 10 pwdHistoryLength

Enumerando a política de senha - do Windows

  • Usando net.exe

net accounts

  • Usando o PowerView

import-module .\PowerView.ps1
Get-DomainPolicy
PreviousLLMNR/NBT-NS Poisoning - from WindowsNextPassword Spraying - Making a Target User List

Last updated