Gaining Domain Admin from Outside Active Directory

hacking

(Dr.zel0st) #1

So, I am again up with a new article to share. It is a great write-up by Rob Brown. It is about penetration testing an Active Directory. This is useful for the penetration testers who are into internal penetration testing.

https://markitzeroday.com/pass-the-hash/crack-map-exec/2018/03/04/da-from-outside-the-domain.html


(oaktree) #2

Do you have any more comments or concerns about it? Maybe some discussion questions?


(Linux Kernel Fetishist) #3

Well, LAPS should solve this issue, right?
https://www.microsoft.com/en-us/download/details.aspx?id=46899

nvm: just for domain joined pc’s, my bad!


#4

So would this work if the network was using 802.1x? Like if you needed a client certificate to get into the domain network?


(Linux Kernel Fetishist) #5

That doesn’t have anything to do with the Local Administrator Account. Sure, the attacker would have a harder time getting into the network, but the actual vulnerability was that the not-joined PC did not have the GPO.


(system) #6

This topic was automatically closed after 30 days. New replies are no longer allowed.