Orange-Cyberdefense · sec-fortress · May 10, 2024 · Guilhem7 · Aug 2, 2024 · Guilhem7
diff --git a/arsenal/data/cheats/Active_directory/Impacket/impacket-mssqlclient.md b/arsenal/data/cheats/Active_directory/Impacket/impacket-mssqlclient.md
@@ -0,0 +1,48 @@
+# impacket
+
+% impacket, windows, exec, inital_access
+
+Mssqlclient.py is an MSSQL client, supporting both SQL and Windows Authentications (including hashes) allowing the enumeration for Microsoft SQL servers including spawning an 'xp_cmdshell'. It also supports TLS.
+
+
+## Attempts to connect to the SQL Server instance with valid credentials
+#plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT
+
+```
+mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP>
+```
+
+## Attempts to use windows authentication. DEFAULT: FALSE
+#plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT
+
+```
+mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> -windows-auth
+```
+
+## Allow for the SQL Server instance without password
+#plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT
+
+```
+mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> -no-pass
+```
+
+## Attempts to use pass-the-hash method for authentication
+#plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT
+
+```
+mssqlclient.py <DOMAIN>/<USERNAME>@<IP> -hashes <LMHASH:NTHASH>
+```
+
+## Attempts to use kerberos authentication
+#plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT
+
+```
+mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> -k
+```
+
+## Attempts to use the IP address of the domain controller to be used for authentication
+#plateform/linux #target/remote #port/1433 #protocol/mssql #cat/ATTACK/EXPLOIT
+
+```
+mssqlclient.py <DOMAIN>/<USERNAME>:<PASSWORD>@<IP> -dc-ip <IP>
+```
diff --git a/arsenal/data/cheats/Hash Identifier/hashid.md b/arsenal/data/cheats/Hash Identifier/hashid.md
@@ -0,0 +1,28 @@
+# hash-identifier
+
+% Hashes, hash identification, hash function analysis
+
+#plateform/linux  #target/local #cat/HASHES/HASH_TYPE_IDENTIFIER
+Example : hashid '5f4dcc3b5aa765d61d8327deb882cf99'
+
+https://github.com/blackploit/hash-identifier
+
+## All possible hash algorithms
+```
+hashid '<hash-value>' -e
+```
+
+## Print hashes in Hashcat mode
+```
+hashid '<hash-value>' -m
+```
+
+## Print hashes in joh mode
+```
+hashid '<hash-value>' -j
+```
+
+## write output to file
+```
+hashid '<hash-value>' -o <output-file>
+```
diff --git a/arsenal/data/cheats/Hash Identifier/nth.md b/arsenal/data/cheats/Hash Identifier/nth.md
@@ -0,0 +1,37 @@
+# Name-That-Hash
+
+% Hashes, hash identification, hash function analysis
+
+#plateform/linux  #target/local #cat/HASHES/HASH_TYPE_IDENTIFIER
+
+https://github.com/HashPals/Name-That-Hash
+
+## Standard Input Hash
+```
+nth --text '<hash-value>'
+```
+
+## Hash in a file
+```
+nth --file hash.txt
+```
+
+## Print hash in json format
+```
+nth --text '<hash-value>' --greppable
+```
+
+## Decode hashes in base64
+```
+nth --text '<base6d_encoded_hash>' -b64
+```
+
+## Print little information about hash
+```
+nth --text '<hash-value>' -a
+```
+
+## Enable verbosity/debug logs
+```
+nth --text '<hash-value>' -v
+```