So, I am again up with a new article to share. It is a great write-up by Rob Brown. It is about penetration testing an Active Directory. This is useful for the penetration testers who are into internal penetration testing.
https://markitzeroday.com/pass-the-hash/crack-map-exec/2018/03/04/da-from-outside-the-domain.html
Do you have any more comments or concerns about it? Maybe some discussion questions?
Well, LAPS should solve this issue, right?
nvm: just for domain joined pc’s, my bad!
So would this work if the network was using 802.1x? Like if you needed a client certificate to get into the domain network?
That doesn’t have anything to do with the Local Administrator Account. Sure, the attacker would have a harder time getting into the network, but the actual vulnerability was that the not-joined PC did not have the GPO.
This topic was automatically closed after 30 days. New replies are no longer allowed.