“i ended up “frankensteining” some other pre-existing tools along with my own code to accomplish my goal. first, i had to gather all the hosts from the domain. to do this, the first piece of code i borrowed was from powerview. i used multiple modules from powerview for generat…”
T1059.001 PowerShell
90%
“invoke-thehash. 95% of the code is from those two tools. so the credit goes to kevin robertson for invoke-thehash, and credit goes to will schroeder, matt graeber, and anyone else who worked on powerview. without those two tools this script wouldn’t exist. also, a shoutout…”
T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol
50%
“blog post contains instructions for setting up the server side. check-localadminhash -domain testdomain.local -userdomain testdomain.local -username possibleadminuser -passwordhash e62830daed8dbea4acd0b99d682946bb -allsystems -exfilpsreadline the script also accepts tar…”
T1070.003 Clear Command History
33%
“check-localadminhash & exfiltrating all powershell history beau bullock // tl;dr check-localadminhash is a new powershell script that can check a password hash against multiple hosts to determine if it’s a vali…”
T1021.001 Remote Desktop Protocol
31%
“type into their terminals including passwords and other sensitive information. i first learned about these history files from chris truncer during one of his amazing training courses. on this particular assessment, i had a local admin hash that i knew was in widespread use in the…”
Summary
Beau Bullock // TL;DR Check-LocalAdminHash is a new PowerShell script that can check a password hash against multiple hosts to determine if it’s a valid administrative credential. It also has […]