Skip to main content
Advanced Search
Search Terms
Content Type

Exact Matches
Tag Searches
Date Options
Updated after
Updated before
Created after
Created before

Search Results

4 total results found

Session 8: Jan. 8, 2024

PJPT & PNPT Study Group Lessons

In this lesson, we focus on attacking Active Directory from an external assessment. So, enumerating an "externally" facing service, establishing a foothold, and pivoting into the network. This lesson is better suited to those preparing for the PNPT certificati...

active-directory
external
tcm-pnpt
pivoting

Passback Attacks (Internal/External)

Active Directory Initial Attack Vectors

What's the Flaw? Usually involves an unsecure device -- like a printer or multifunction device -- which is configured with an LDAP or SMTP client and credentials. It could be a web server too -- where there is an LDAP or SMTP client. The credentials are usual...

internal
external
active-directory
passback

SMB Relay (Internal/External)

Active Directory Initial Attack Vectors

Note: Network Environment This attack works best in a flat network. However, as long as the attacker machine and target(s) are routeable and no firewalls are blocking required ports, it could work across network segments. What is SMB Relay? A man-in-the-m...

internal
external
active-directory
smb

PrintNightmare (Internal/External)

Active Directory Initial Attack Vectors

Remote Code Execution https://github.com/cube0x0/CVE-2021-1675 Contains full details on scanning and mitigation. Could potentially be used against a domain controller for easy access to a reverse shell.   Create payload msfvenom -p <payload> LHOST=<kali-i...

internal
external
active-directory
print-nightmare