Skip to content

connection string

skelsec edited this page Aug 16, 2019 · 1 revision


Some modules will expect you to enter some form of network credentials.
All network credentials will be expected to be in the connection_string format.
This page will help you understand the connection_string format

Why so complex?

It's not, just unusual.

The connection_string format


Parameters explained:

  • DOMAIN : Name of the domain, if no domain is expected just leave it empty.
  • USERNAME : Username
  • SECRET_TYPE : Defines the type of secret you with to use.
  • SECRET : Format depends on the SECRET_TYPE. Can be empty in some cases.
  • TARGET_IP_OR_HOSTNAME : The IP address or hostname of the target you wish to connect to.


  • pw/pass/password : Plaintext password
  • nt: NT hash
  • sspi: Use integrated SSPI, SECRET can be left empty.
  • ccache: Take credentials from CCACHE file. SECRET is a path to the ccache file.


  • Plaintext:
    • TEST/user/pw:@ (you will be propted for password)
    • TEST/user/pw:SecretPassword@
    • TEST/user/password:SecretPassword@
    • TEST/user/pass:SecretPassword@
  • NT hash:
    • TEST/user/nt:921a7fece11f4d8c72432e41e40d0372@
  • SSPI:
    • TEST/user/sspi:@


Live commands

Platform-independent commands


Clone this wiki locally
You can’t perform that action at this time.