Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-24 21:53:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'carlospolop:master' into master

Browse source
This commit is contained in:
gsmith257-cyber 2022-07-14 12:40:55 -07:00 committed by GitHub
commit f0b08451d9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
network-services-pentesting/pentesting-kerberos-88/README.md
View file

@ -19,7 +19,7 @@ Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
## Basic Information
Firstly, Kerberos is an authentication protocol, not authorization. In other words, it allows to identify each user, who provides a secret password, however, it does not validates to which resources or services can this user access.\
Kerberos is used in Active Directory. In this platform, Kerberos provides information about the privileges of each user, but it is responsability of each service to determine if the user has access to its resources.
Kerberos is used in Active Directory. In this platform, Kerberos provides information about the privileges of each user, but it is the responsability of each service to determine if the user has access to its resources.
**Default Port:** 88/tcp/udp
@ -56,7 +56,7 @@ Entry_1:
Description: Notes for Kerberos
Note: |
Firstly, Kerberos is an authentication protocol, not authorization. In other words, it allows to identify each user, who provides a secret password, however, it does not validates to which resources or services can this user access.
Kerberos is used in Active Directory. In this platform, Kerberos provides information about the privileges of each user, but it is responsability of each service to determine if the user has access to its resources.
Kerberos is used in Active Directory. In this platform, Kerberos provides information about the privileges of each user, but it is the responsability of each service to determine if the user has access to its resources.
https://book.hacktricks.xyz/pentesting/pentesting-kerberos-88

4
network-services-pentesting/pentesting-smb.md
View file

@ -439,7 +439,7 @@ In **kali** it is located on /usr/share/doc/python3-impacket/examples/
```bash
nmap --script smb-brute -p 445 <IP>
ridenum.py <IP> 500 50000 /root/passwds.txt #Get usernames bruteforcing that rids and then try to bruteforce eachusername
ridenum.py <IP> 500 50000 /root/passwds.txt #Get usernames bruteforcing that rids and then try to bruteforce each user name
```
## SMB relay attack
@ -451,7 +451,7 @@ This attack uses the Responder toolkit to **capture SMB authentication sessions*
The Windows library URLMon.dll automatically try to authenticaticate to the host when a page tries to access some contect via SMB, for example: `img src="\\10.10.10.10\path\image.jpg"`
This happens with the funcions:
This happens with the functions:
* URLDownloadToFile
* URLDownloadToCache