Share
## https://sploitus.com/exploit?id=31FB631A-BE99-542D-9ABD-2F419D85EC43
# Invoke-sAMSpoofing
CVE-2021-42287/CVE-2021-42278 exploits in powershell
## Table of content
* [Overview](#Overview)
* [Menu](#Menu)
* [Screenshots](#Screenshots)
* [References](#References)
### Overview
A simple script to attack AD with CVE-2021-42287/CVE-2021-42278 exploits automatically.
### Menu
- Invoke-sAMSpooofing
- Invoke-GoldenTicket
- Invoke-GoldenTips
- RemoveMachineAccount
- Invoke-Rubeus
- ADSIHound
- Invoke-DCSync
### Screenshots
- Invoke-sAMSpooofing


- Invoke-GoldenTicket (Just krbtgt hashes needed)


Golden ticket also injected into memory and generate to file.

- Invoke-GoldenTips

- RemoveMachineAccount (Need domain admins privileges, also you can do this after create golden ticket.)

- Invoke-Rubeus

### References
- [3gstudent: Retrieves all users ntlm hashes from AD](https://3gstudent.github.io/%E5%9F%9F%E6%B8%97%E9%80%8F-%E5%88%A9%E7%94%A8DCSync%E5%AF%BC%E5%87%BA%E5%9F%9F%E5%86%85%E6%89%80%E6%9C%89%E7%94%A8%E6%88%B7hash%E7%9A%84%E6%96%B9%E6%B3%95)
- [eXploit.ph: cve-2021-42287-cve-2021-42278-weaponisation](https://exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html)
- [PowerSharpPack](https://github.com/S3cur3Th1sSh1t/PowerSharpPack)
- [Powermad](https://github.com/Kevin-Robertson/Powermad)
- [Rubeus](https://github.com/GhostPack/Rubeus)