1.4 KiB
1.4 KiB
Got Persistence via (schtasks, bat schtasks, startup folder) (screenshot)
(link important info in initialenum.md here)
powerup.ps1/sharpup.exe notes.
(screenshot)
kerberoast notes
- worked via rubeus
- worked via encrypted rubeus
- worked via netexec
(screenshot)
password spray notes
worked via (exeasm nefariousspray | inline nefarious spray | powershell tool | other tool)
- useraspass
- Seasonyear!
- Service123!
- admin
- Admin
- Admin123!
- admin123
- admin1
- 1234567
- Seasonyear
- seasonyear!
- seasonyear
- COMPANYYEAR!
- COMPANYYEAR
- November2024!
- September2024!
- October2024!
- COMPANYfoundingyear!
- COMPANYfoundingyear
- COMPANYstreetnumber!
- COMPANYstreetnumber
- Password
- P@ssw0rd
- Password1!
- Password123!
- Passwordyear!
- P@55w0rd
- Service
- Service!
- Serviceyear!
bloodhound notes
- worked via exeasm sharphound
- worked via inline sharphound
- worked via encrypted sharphound
- worked via rusthound
(notes about intial lateral movement paths)
(screenshot)
portscan notes
- gathered via cobalt strike portscan
- host enumeration via cmd
- gathered via powershell
- gathered via nmap
- gathered via other tool (specify here)
(screenshot)
SSH count: FTP count: RDP count: MSSQL count: mysql count: (continue as needed)