NetExec, also known as nxc, is a powerful network service exploitation tool designed to automate the assessment of large-scale networks. It supports various protocols, including SMB, SSH, LDAP, FTP, WMI, WinRM, RDP, VNC, and MSSQL, facilitating tasks such as enumeration, credential validation, and command execution.
Installation
For Unix-based Systems:
1. Install Dependencies: Ensure that pipx and git are installed:
sudo apt install pipx git
2. Configure pipx: Set up the pipx environment:
pipx ensurepath
3. Install NetExec: Use pipx to install NetExec directly from the GitHub repository:
pipx install git+https://github.com/Pennyw0rth/NetExec
For Windows and Mac Systems:
Detailed installation instructions for Windows and Mac are available in the official NetExec documentation.
Basic Usage
NetExec operates by specifying a protocol followed by the target and desired options. The general syntax is:
netexec [protocol] [target] [options]
1. Enumerate SMB Shares: To list shared resources on a target system:
netexec smb [target_ip] -u [username] -p [password] --shares
2. Password Spraying: Attempt a password across multiple usernames:
netexec smb [target_ip] -u [username1] [username2] -p [password]
3. Command Execution via WinRM: Execute a command on a remote system using the WinRM protocol:
netexec winrm [target_ip] -u [username] -p [password] -x [command]