Skip to main content

Posts

Featured

Attacktive Directory ~ Write-up

Attacktive Directory: Mm0 Write-up: Michael N Mm0 https://tryhackme.com/r/room/attacktivedirectory Scanning: Scanning the specific ports that I am interested in. Enumerate SMB port 445 List share with smbclient: no password prompt list shares.. but the Anonymous login worked but the workgroup isnʼt available. Enumerate SMB I will use enum4linux/smbclient to enumerate smb on port 445 Using crackmapexec to brute force RID The Guest user was disabled probably because tools like enum4linux likes to abuse the guest account to enumerate. SMB         10.10.76.106    445    ATTACKTIVEDIREC  498: THM-AD\\Enterprise Read-only Domain Controllers (SidTypeGroup) SMB         10.10.76.106    445    ATTACKTIVEDIREC  500: THM-AD\\Administrator (SidTypeUser) SMB         10.10.76.106    445    ATTACKTIVEDIREC  501: THM-AD\\Guest (SidTypeUser) SMB         10.10.76.106    445    ATTACKTIVEDIREC  502: THM-AD\\krbtgt (SidTypeUser) SMB         10.10.76.106    445    ATTACKTIVEDIREC  512: THM-AD\\Domai

Latest Posts

Active Directory Pentesting Lab Set up VMWARE (Windows Server 2022)