search
Page cover

πŸͺŸAttacktive Directory

99% of Corporate networks run off of AD. But can you exploit a vulnerable Domain Controller?

LogoAttacktive DirectoryTryHackMechevron-right
https://tryhackme.com/room/attacktivedirectoryarrow-up-right
Room Attributes
Value

Subscription Required

False [Free]

Type

Challenges (CTF)

Difficulty

Medium

Tags

Active Directory, AD, Kerberos, SMB

hashtag
Task 1 Intro Deploy The Machine

The first four questions are part of a mini-walkthrough that cover getting access to the target machine. They all require no answer so just follow the steps to get connected to the VPN, deploy the machine and get hacking!

hashtag
Task 2 Intro Setup

hashtag
Install Impacket

Impacket arrow-up-rightis a collection of Python classes for working with network protocols. Enter the following commands into your kali linuxarrow-up-right terminal to add the repo to your /opt/impacket folder and to install with python3arrow-up-right:

sudo git clone https://github.com/SecureAuthCorp/impacket.gitarrow-up-right/opt/impacket

sudo pip3 install -r /opt/impacket/requirements.txt

cd /opt/impacket/

sudo pip3 install .

sudo python3 setup.py install

hashtag
Task 3 Enumeration Welcome to Attacktive Directory

Task 3 - Welcome to Attacktive Directorychevron-right

hashtag
Task 4 Enumeration Enumerating Users via Kerberos

Task 4 - Enumerating Users via Kerberoschevron-right

hashtag
Task 5 Exploitation Abusing Kerberos

Task 5 - Abusing Kerberoschevron-right

hashtag
Task 6 Enumeration Back to the Basics

Task 6 - Back to the Basicschevron-right

hashtag
Task 7 Domain Privilege Escalation Elevating Privileges within the Domain

Task 7 - Elevating Privileges within the Domainchevron-right

hashtag
Task 8 Flag Submission Flag Submission Panel

Task 8 - Flag Submission Panelchevron-right
PreviousDifficulty: MediumNextTask 3 - Welcome to Attacktive Directory

Last updated