Skip to content

XiaoliChan/Invoke-sAMSpoofing

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
Invoke-sAMSpoofing.ps1
Invoke-sAMSpoofing.ps1
 
 
README.md
README.md
 
 

Repository files navigation

Invoke-sAMSpoofing

CVE-2021-42287/CVE-2021-42278 exploits in powershell

Table of content

Overview

A simple script to attack AD with CVE-2021-42287/CVE-2021-42278 exploits automatically.

Menu

  • Invoke-sAMSpooofing
  • Invoke-GoldenTicket
  • Invoke-GoldenTips
  • RemoveMachineAccount
  • Invoke-Rubeus
  • ADSIHound
  • Invoke-DCSync

Screenshots

  • Invoke-sAMSpooofing
    image image

  • Invoke-GoldenTicket (Just krbtgt hashes needed) image image

    Golden ticket also injected into memory and generate to file.
    image

  • Invoke-GoldenTips
    image

  • RemoveMachineAccount (Need domain admins privileges, also you can do this after create golden ticket.)
    image

  • Invoke-Rubeus
    image

References

About

CVE-2021-42287/CVE-2021-42278 exploits in powershell

Resources

Readme
Activity

Stars

37 stars

Watchers

1 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages