๐ชAttacktive Directory
99% of Corporate networks run off of AD. But can you exploit a vulnerable Domain Controller?
Room Attributes | Value |
---|---|
Subscription Required | False [Free] |
Type | Challenges (CTF) |
Difficulty | Medium |
Tags | Active Directory, AD, Kerberos, SMB |
Task 1 Intro Deploy The Machine
The first four questions are part of a mini-walkthrough that cover getting access to the target machine. They all require no answer so just follow the steps to get connected to the VPN, deploy the machine and get hacking!
Task 2 Intro Setup
Install Impacket
Impacket is a collection of Python classes for working with network protocols. Enter the following commands into your kali linux terminal to add the repo to your /opt/impacket folder and to install with python3:
sudo git clone
https://github.com/SecureAuthCorp/impacket.git
/opt/impacket
sudo pip3 install -r /opt/impacket/requirements.txt
cd /opt/impacket/
sudo pip3 install .
sudo python3 setup.py install
Task 3 Enumeration Welcome to Attacktive Directory
Task 3 - Welcome to Attacktive DirectoryTask 4 Enumeration Enumerating Users via Kerberos
Task 4 - Enumerating Users via KerberosTask 5 Exploitation Abusing Kerberos
Task 5 - Abusing KerberosTask 6 Enumeration Back to the Basics
Task 6 - Back to the BasicsTask 7 Domain Privilege Escalation Elevating Privileges within the Domain
Task 7 - Elevating Privileges within the DomainTask 8 Flag Submission Flag Submission Panel
Task 8 - Flag Submission PanelLast updated