Page cover image

đŸȘŸAttacktive Directory

99% of Corporate networks run off of AD. But can you exploit a vulnerable Domain Controller?

https://tryhackme.com/room/attacktivedirectory
Room Attributes
Value

Subscription Required

False [Free]

Type

Challenges (CTF)

Difficulty

Medium

Tags

Active Directory, AD, Kerberos, SMB

Task 1 Intro Deploy The Machine

The first four questions are part of a mini-walkthrough that cover getting access to the target machine. They all require no answer so just follow the steps to get connected to the VPN, deploy the machine and get hacking!

Task 2 Intro Setup

Install Impacket

Impacket is a collection of Python classes for working with network protocols. Enter the following commands into your kali linux terminal to add the repo to your /opt/impacket folder and to install with python3:

sudo git clone https://github.com/SecureAuthCorp/impacket.git/opt/impacket

sudo pip3 install -r /opt/impacket/requirements.txt

cd /opt/impacket/

sudo pip3 install .

sudo python3 setup.py install

Task 3 Enumeration Welcome to Attacktive Directory

Task 3 - Welcome to Attacktive Directory

Task 4 Enumeration Enumerating Users via Kerberos

Task 4 - Enumerating Users via Kerberos

Task 5 Exploitation Abusing Kerberos

Task 5 - Abusing Kerberos

Task 6 Enumeration Back to the Basics

Task 6 - Back to the Basics

Task 7 Domain Privilege Escalation Elevating Privileges within the Domain

Task 7 - Elevating Privileges within the Domain

Task 8 Flag Submission Flag Submission Panel

Task 8 - Flag Submission Panel

Last updated