Gzzcoo HTB Walkthroughs

Home Pentest Notes HTB Profile

Home
ACTIVE DIRECTORY
WINDOWS
- Easy
LINUX

Con tecnología de GitBook

En esta página

Reconnaissance
NTLM is disabled? Protected users? Testing Kerberos authentication
SMB Enumeration
Users Enumeration
Attempting to perform AS-REP Roast and Kerberoasting Attack (FAILED)
BloodHound Enumeration
Auth as FS01$
Abusing Pre-Windows 2000 computers (Pre2k)
Auth as GMSA01$
Abusing ReadGMSAPassword privileges to retrieve gMSA password
Shell as C.Neri
Abusing GenericWrite Privilege on a Group to Add Members
Abusing GenericAll privileges to Enable User Accounts, DONT_REQ_PREAUTH & SPNs for AS-REP Roasting & Kerberoasting
Cracking Hashes with John
Password Spraying with Kerbrute and NetExec
Abusing WinRM with Kerberos TGT (Ticket Granting Ticket)
Auth as C.Neri_adm
Abusing DPAPI Secrets to Move Laterally (impacket-dpapi)
Shell as L.Bianchi_adm (Domain Admin)
Finding an entry vector to elevate our privileges with BloodHound
Abusing AllowedToAct privileges (Resource-based Constrained Delegation [RBCD Attack] through SVC_SQL user) with impacket-getST
Resource-based Constrained Delegation Attack (RBCD Attack) with FS01$
Extra: Dumping NTDS.dit to retrieve all NTLM hashes

¿Te fue útil?

Exportar como PDF

ACTIVE DIRECTORY

Hard

Vintage

AnteriorSearch SiguienteInsane

Última actualización hace 12 días

¿Te fue útil?

© 2025 Gzzcoo.