We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
https://www.jgeek.cn/article/126.html
使用 Nmap 对目标服务器开放端口进行识别,发现存在 smb 服务、laps 服务。通过 SMB 文件共享获得一个压缩包,对压缩包进行密码爆破得到 .pfx 证书文件。随后通过密码爆破成功从 pfx 文件中导出公钥、私钥,使用 evil-winrm 配合公钥、私钥成功拿到 legacyy 用户的交互shell。随后在 PowerShell 执行命令 Log 中找到 svc_deploy 用户的凭证,完成横向移动。最后在 LAPS 信息中成功找到 Administrator 用户凭证...
svc_deploy
The text was updated successfully, but these errors were encountered:
No branches or pull requests
https://www.jgeek.cn/article/126.html
使用 Nmap 对目标服务器开放端口进行识别,发现存在 smb 服务、laps 服务。通过 SMB 文件共享获得一个压缩包,对压缩包进行密码爆破得到 .pfx 证书文件。随后通过密码爆破成功从 pfx 文件中导出公钥、私钥,使用 evil-winrm 配合公钥、私钥成功拿到 legacyy 用户的交互shell。随后在 PowerShell 执行命令 Log 中找到
svc_deploy
用户的凭证,完成横向移动。最后在 LAPS 信息中成功找到 Administrator 用户凭证...The text was updated successfully, but these errors were encountered: