Added new commands in data/cheats #87
+113
−0
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| # impacket | ||
|
|
||
| % impacket, windows, exec, inital_access | ||
|
|
||
| Mssqlclient.py is an MSSQL client, supporting both SQL and Windows Authentications (including hashes) allowing the enumeration for Microsoft SQL servers including spawning an 'xp_cmdshell'. It also supports TLS. | ||
|
|
||
|
|
||
| ## Attempts to connect to the SQL Server instance with valid credentials | ||
| #plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT | ||
|
|
||
| ``` | ||
| mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> | ||
| ``` | ||
|
|
||
| ## Attempts to use windows authentication. DEFAULT: FALSE | ||
| #plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT | ||
|
|
||
| ``` | ||
| mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> -windows-auth | ||
| ``` | ||
|
|
||
| ## Allow for the SQL Server instance without password | ||
| #plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT | ||
|
|
||
| ``` | ||
| mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> -no-pass | ||
| ``` | ||
|
|
||
|
Comment on lines
+22
to
+28
There was a problem hiding this comment. Can you remove this one, as we will not put all of the different commands in arsenal |
||
| ## Attempts to use pass-the-hash method for authentication | ||
| #plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT | ||
|
|
||
| ``` | ||
| mssqlclient.py <DOMAIN>/<USERNAME>@<IP> -hashes <LMHASH:NTHASH> | ||
| ``` | ||
|
|
||
| ## Attempts to use kerberos authentication | ||
| #plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT | ||
|
|
||
| ``` | ||
| mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> -k | ||
|
There was a problem hiding this comment. I think that for kerberos authentication, password is not needed, and the option -no-pass could be added |
||
| ``` | ||
|
|
||
| ## Attempts to use the IP address of the domain controller to be used for authentication | ||
| #plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT | ||
|
|
||
| ``` | ||
| mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> -dc-ip <IP> | ||
| ``` | ||
|
Comment on lines
+43
to
+48
There was a problem hiding this comment. This one is not really useful in my opinion, could you also remove it ? |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| # hash-identifier | ||
|
|
||
| % Hashes, hash identification, hash function analysis | ||
|
|
||
| #plateform/linux #target/local #cat/HASHES/HASH_TYPE_IDENTIFIER | ||
| Example : hashid '5f4dcc3b5aa765d61d8327deb882cf99' | ||
|
|
||
| https://github.com/blackploit/hash-identifier | ||
|
Comment on lines
+6
to
+8
There was a problem hiding this comment. It will also be interpreted by arsenal, could you remove this part ? |
||
|
|
||
| ## All possible hash algorithms | ||
| ``` | ||
| hashid '<hash-value>' -e | ||
| ``` | ||
|
|
||
|
Comment on lines
+10
to
+14
There was a problem hiding this comment. Not sure this one is useful, could you remove it ? |
||
| ## Print hashes in Hashcat mode | ||
| ``` | ||
| hashid '<hash-value>' -m | ||
| ``` | ||
|
|
||
| ## Print hashes in joh mode | ||
|
|
||
| ``` | ||
| hashid '<hash-value>' -j | ||
| ``` | ||
|
|
||
| ## write output to file | ||
|
There was a problem hiding this comment. Can you capitalize the first word please ? 😄 |
||
| ``` | ||
| hashid '<hash-value>' -o <output-file> | ||
| ``` | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| # Name-That-Hash | ||
|
|
||
| % Hashes, hash identification, hash function analysis | ||
|
|
||
| #plateform/linux #target/local #cat/HASHES/HASH_TYPE_IDENTIFIER | ||
|
|
||
| https://github.com/HashPals/Name-That-Hash | ||
|
There was a problem hiding this comment. Can you remove it, it might cause unintended behaviors from Arsenal |
||
|
|
||
| ## Standard Input Hash | ||
| ``` | ||
| nth --text '<hash-value>' | ||
| ``` | ||
|
|
||
| ## Hash in a file | ||
| ``` | ||
| nth --file hash.txt | ||
| ``` | ||
|
|
||
| ## Print hash in json format | ||
| ``` | ||
| nth --text '<hash-value>' --greppable | ||
| ``` | ||
|
|
||
| ## Decode hashes in base64 | ||
| ``` | ||
| nth --text '<base6d_encoded_hash>' -b64 | ||
|
There was a problem hiding this comment. do you mean base64_encoded_hash ? |
||
| ``` | ||
|
|
||
| ## Print little information about hash | ||
| ``` | ||
| nth --text '<hash-value>' -a | ||
| ``` | ||
|
|
||
| ## Enable verbosity/debug logs | ||
| ``` | ||
| nth --text '<hash-value>' -v | ||
| ``` | ||
|
Comment on lines
+34
to
+37
There was a problem hiding this comment. I do not think this one is useful, could you remove it ? 😄 |
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi, thanks for the pull request ! 👍
Can you remove this line, as it is interpreted by Arsenal please ?