mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
Update README.md
This commit is contained in:
parent
b585b2d3c6
commit
58293ae568
@ -133,13 +133,13 @@ You might be able to **obtain** some challenge **hashes** to crack **poisoning**
|
||||
../../generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md
|
||||
{{#endref}}
|
||||
|
||||
### NTML Relay
|
||||
### NTLM Relay
|
||||
|
||||
If you have managed to enumerate the active directory you will have **more emails and a better understanding of the network**. You might be able to to force NTML [**relay attacks**](../../generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md#relay-attack) \*\*\*\* to get access to the AD env.
|
||||
If you have managed to enumerate the active directory you will have **more emails and a better understanding of the network**. You might be able to to force NTLM [**relay attacks**](../../generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md#relay-attack) \*\*\*\* to get access to the AD env.
|
||||
|
||||
### Steal NTLM Creds
|
||||
|
||||
If you can **access other PCs or shares** with the **null or guest user** you could **place files** (like a SCF file) that if somehow accessed will t**rigger an NTML authentication against you** so you can **steal** the **NTLM challenge** to crack it:
|
||||
If you can **access other PCs or shares** with the **null or guest user** you could **place files** (like a SCF file) that if somehow accessed will t**rigger an NTLM authentication against you** so you can **steal** the **NTLM challenge** to crack it:
|
||||
|
||||
{{#ref}}
|
||||
../ntlm/places-to-steal-ntlm-creds.md
|
||||
@ -211,9 +211,9 @@ It's very **unlikely** that you will find **tickets** in the current user **givi
|
||||
[IO.File]::WriteAllBytes("ticket.kirbi", [Convert]::FromBase64String("<BASE64_TICKET>"))
|
||||
```
|
||||
|
||||
### NTML Relay
|
||||
### NTLM Relay
|
||||
|
||||
If you have managed to enumerate the active directory you will have **more emails and a better understanding of the network**. You might be able to to force NTML [**relay attacks**](../../generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md#relay-attack)**.**
|
||||
If you have managed to enumerate the active directory you will have **more emails and a better understanding of the network**. You might be able to to force NTLM [**relay attacks**](../../generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md#relay-attack)**.**
|
||||
|
||||
### **Looks for Creds in Computer Shares**
|
||||
|
||||
@ -223,7 +223,7 @@ Now that you have some basic credentials you should check if you can **find** an
|
||||
|
||||
### Steal NTLM Creds
|
||||
|
||||
If you can **access other PCs or shares** you could **place files** (like a SCF file) that if somehow accessed will t**rigger an NTML authentication against you** so you can **steal** the **NTLM challenge** to crack it:
|
||||
If you can **access other PCs or shares** you could **place files** (like a SCF file) that if somehow accessed will t**rigger an NTLM authentication against you** so you can **steal** the **NTLM challenge** to crack it:
|
||||
|
||||
{{#ref}}
|
||||
../ntlm/places-to-steal-ntlm-creds.md
|
||||
|
Loading…
x
Reference in New Issue
Block a user