Skip to content

connection string

skelsec edited this page Aug 16, 2019 · 1 revision

Disclaimer

Some modules will expect you to enter some form of network credentials.
All network credentials will be expected to be in the connection_string format.
This page will help you understand the connection_string format

Why so complex?

It's not, just unusual.

The connection_string format

<DOMAIN>/<USERNAME>/<SECRET_TYPE>:<SECRET>@<TARGET_IP_OR_HOSTNAME>

Parameters explained:

  • DOMAIN : Name of the domain, if no domain is expected just leave it empty.
  • USERNAME : Username
  • SECRET_TYPE : Defines the type of secret you with to use.
  • SECRET : Format depends on the SECRET_TYPE. Can be empty in some cases.
  • TARGET_IP_OR_HOSTNAME : The IP address or hostname of the target you wish to connect to.

The SECRET_TYPE:

  • pw/pass/password : Plaintext password
  • nt: NT hash
  • sspi: Use integrated SSPI, SECRET can be left empty.
  • ccache: Take credentials from CCACHE file. SECRET is a path to the ccache file.

Example:

  • Plaintext:
    • TEST/user/pw:@192.168.1.1 (you will be propted for password)
    • TEST/user/pw:SecretPassword@192.168.1.1
    • TEST/user/password:SecretPassword@192.168.1.1
    • TEST/user/pass:SecretPassword@192.168.1.1
  • NT hash:
    • TEST/user/nt:921a7fece11f4d8c72432e41e40d0372@192.168.1.1
  • SSPI:
    • TEST/user/sspi:@192.168.1.1

Home

Live commands

Platform-independent commands

ConnectionString

Clone this wiki locally
You can’t perform that action at this time.