ranger: access & interact with remote Microsoft Windows based systems – Penetration Testing

ranger

A tool to support security professionals access and interact with remote Microsoft Windows based systems.

This project was conceptualized with the thought process, we did not invent the bow or the arrow, just a more efficient way of using it.

Ranger is a command-line driven attack and penetration testing tool, which as the ability to use an instantiated catapult server to deliver capabilities against Windows Systems. As long as a user has a set of credentials or a hash set (NTLM, LM, LM:NTLM) he or she can gain access to systems that are apart of the trust.

Using this capability a security professional can extract credentials out of memory in clear-text, access SAM tables, run commands, execute PowerShell scripts, Windows Binaries, and other tools.
At this time the tool bypasses the majority of IPS vendor solutions unless they have been custom tuned to detect it. The tool was developed using our home labs in an effort to support security professionals doing legally and/or contractually supported activities.

More functionality is being added, but at this time the tool uses the community contributions from repositories related to the PowerShell PowerView, PowerShell Mimikatz and Impacket teams.

Managing Ranger:

Install:

wget http://ift.tt/1QHLppZ
chmod a+x setup.sh
./setup.sh
rm setup.sh

Update:

ranger –update

Usage:

Ranger uses a combination of methods and attacks, a method is used to deliver an attack/command

An attack is what you are trying to accomplish

Some items are both a method and attack rolled into one and some methods cannot use some of the attacks due to current limitations in the libraries or protocols

Methods & Attacks:

–scout
–secrets-dump

Method:

–wmiexec
–psexec
–smbexec
–atexec

Attack:

–command
–invoker
–downloader
–executor
–domain-group-members
–local-group-members
–get-domain-membership
–get-forest-domains
–get-forest
–get-dc
–find-la-access

Tutorial

The post ranger: access & interact with remote Microsoft Windows based systems appeared first on Penetration Testing.

http://ift.tt/2u8dT5p http://ift.tt/2aM8QhC

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s