π±
π±
π±
π±
CrackMapExec ~ CME WIKI
Public Release - v5.2.2
@byt3bl33d3r
@mpgn_x64
Searchβ¦
Introduction
π₯
News 2022
Changelog
Sponsoring CME
Other Gitbook
Getting Started
Installation
Selecting & Using a Protocol
Target Formats
Using Credentials
Using Kerberos
Using Modules
Database General Usage
π
BloodHound integration
Report bugs or new features
π²
Audit Mode
SMB protocol
π
Scan for vulnerabilities
Enumeration
Password spraying
Authentication
Command execution
Spidering Shares
Get and Put files
Obtaining Credentials
π
Defeating LAPS
π
Spooler, WebDav running ?
LDAP protocol
Authentication
ASREPRoast
Kerberoasting
Unconstrained delegation
Admin Count
Machine Account Quota
Get user descriptions
π
Exploit ESC8 (adcs)
WINRM protocol
Password spraying
Authentication
Command execution
π²
Defeating LAPS
MSSQL protocol
Password spraying
Authentication
MSSQL Privesc
MSSQL command
Windows command
SSH protocol
Password spraying
Authentication
Command execution
π²
RDP Protocol
Password spraying
Install aardwolf lib
Powered By
GitBook
Unconstrained delegation
CrackMapExec allows you to retrieve the list of all computers et users with the flag
TRUSTED_FOR_DELEGATION
1
cme ldap 192.168.0.104 -u harry -p pass --trusted-for-delegation
Copied!
Alternatives Tools
GitHub - ropnop/windapsearch: Python script to enumerate users, groups and computers from a Windows domain through LDAP queries
GitHub
PowerSploit/PowerView.ps1 at dev Β· PowerShellMafia/PowerSploit
GitHub
Ressources:
https://troopers.de/downloads/troopers19/TROOPERS19_AD_Fun_With_LDAP.pdf
troopers.de
Unconstrained Delegation - Risques
hackndo
βRelayingβ Kerberos - Having fun with unconstrained delegation
dirkjanm.io
https://posts.specterops.io/hunting-in-active-directory-unconstrained-delegation-forests-trusts-71f2b33688e1
posts.specterops.io
β
LDAP protocol - Previous
Kerberoasting
Next - LDAP protocol
Admin Count
Last modified
1yr ago
Copy link
Contents
Alternatives Tools
Ressources: