Merge pull request WADComs#2 from Bad-Jubies/master

CME Enum commands + SMB Exec
Adamkadaban · Dec 12, 2020 · 50fe551 · 50fe551
2 parents a0baaa8 + 32b3c21
commit 50fe551
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 3 deletions.
diff --git a/_wadcoms/Crackmapexec-Enum-SMB.md b/_wadcoms/Crackmapexec-Enum-SMB.md
@@ -0,0 +1,27 @@
+---
+description: |
+  "CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks." - https://github.com/byt3bl33d3r/CrackMapExec/wiki. This command will enumerate domain groups, local groups, logged on users, relative identifiers (RIDs), sessions, domain users, SMB shares/permissions, and get the domain password policy. You can also use CIDR notation to target a range of ip addresses (i.e. 10.10.10.0/24).
+
+  Command Reference:
+
+  	Target IP: 10.10.10.1
+
+  	Username: john
+
+  	Password: password123
+
+command: |
+  crackmapexec smb 10.10.10.1 -u 'john' -p 'password123' --groups --local-groups --loggedon-users --rid-brute --sessions --users --shares --pass-pol
+items:
+  - Username
+  - Password
+services:
+  - SMB
+attack_types:
+  - Enumeration
+OS:
+  - Linux
+references:
+  - https://github.com/byt3bl33d3r/CrackMapExec
+  - https://github.com/byt3bl33d3r/CrackMapExec/wiki
+---
diff --git a/_wadcoms/Crackmapexec-Enum-Share.md → _wadcoms/Crackmapexec-Exec-SMB.md b/_wadcoms/Crackmapexec-Enum-Share.md → _wadcoms/Crackmapexec-Exec-SMB.md
@@ -1,6 +1,6 @@
 ---
 description: |
-  "CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks." - https://github.com/byt3bl33d3r/CrackMapExec/wiki
+  "CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks." - https://github.com/byt3bl33d3r/CrackMapExec/wiki. This command will execute a powershell command on the target machine if the user has Administrator privileges. using "-x" will execute from cmd.
 
   Command Reference:
 
@@ -11,14 +11,14 @@ description: |
   	Password: password123
 
 command: |
-  crackmapexec smb 10.10.10.1 -u 'john' -p 'password123' --shares
+  crackmapexec smb 10.10.10.1 -u 'john' -p 'password123' -X '$Host'
 items:
   - Username
   - Password
 services:
   - SMB
 attack_types:
-  - Enumeration
+  - Exploitation
 OS:
   - Linux
 references: