Learning About DCSync Attacks in Active Directory

Learning About DCSync Attacks in Active Directory

KEVIN VANEGAS KEVIN VANEGAS

KEVIN VANEGAS

Cyber Threat Inteligence | Penetration Testing

发布日期: 2023年9月30日
+ 关注

I continued diving into exploitation techniques within Active Directory. Here are the key highlights:

1?? DCSync Attack: We'll configure and exploit it.

2?? Creating Vulnerabilities: Crafting a vulnerable user.

3?? Kerberoast: Leveraging it to obtain credentials.

4?? Pass-the-Hash: A crucial step in the attack chain.

?? The DCSync attack leverages Active Directory replication protocols, simulating a domain controller to request sensitive user data. With this method, we obtain password hashes and open doors for further attacks.

??? Permission Matters: To execute a DCSync attack, access to "Replicate Directory Changes" is essential. We'll set up the right permissions for our user, "thesync."

?? PowerShell Magic: We create "thesync" with a secure password and grant DCSync rights using PowerView.

?? Kerberoast's Role: We assign "GenericAll" permissions for "kerberoast" over "thesync."

?? Credentials Acquired: We make use of "evil-winrm" to access the victim machine and change "thesync's" password.

?? Executing DCSync: Finally, we extract system admin hashes and launch pass-the-hash attacks with "psexec."

Watch the full videos for practical insights and hands-on experience. https://youtu.be/M406m-dPAqo


#Cybersecurity #ActiveDirectory #InfoSec #Hacking101

Seeking the OSCP Certification Seeking the OSCP Certification

Seeking the OSCP Certification

629 位关注者

订阅

要查看或添加评论,请登录

KEVIN VANEGAS的更多文章

  • LittlePivoting-Dockerlabs Walkthrough / WriteUp
    2024年4月28日

    LittlePivoting-Dockerlabs Walkthrough / WriteUp

    Hello everyone, we continue exploring the Dockerlabs DockerLabs platform that I introduced in my previous video! This…

    5 条评论
  • AS-REP roasting with Crackmapexec/NetExec
    2024年1月8日

    AS-REP roasting with Crackmapexec/NetExec

    This new Crackmapexec/NetExec series is a part of the Active Directory Lab series on my channel . With tools like…

  • Vulnerable Active Directory Lab
    2023年10月18日

    Vulnerable Active Directory Lab

    I'm currently learning pentesting techniques for Active Directory, and I've been sharing my progress on YouTube. Today,…

  • Enumeration With BloodHound
    2023年10月6日

    Enumeration With BloodHound

    As a cybersecurity student, I'm constantly seeking ways to expand my knowledge and skill set. Recently, I delved into…

  • Set Up and Test ASREProast and Kerberoasting Attacks
    2023年9月22日

    Set Up and Test ASREProast and Kerberoasting Attacks

    We create a small Active Directory lab using VirtualBox and a Windows Server Standard evaluation. We'll configure it to…

  • My notes on solving 'Return' from Hack The Box.
    2023年9月4日

    My notes on solving 'Return' from Hack The Box.

    > The machine Key Concepts: Windows Remote Management (WinRM), SMB (Server Message Block), Enumeration, Printer Admin…

  • Creating a basic bash script
    2023年8月25日

    Creating a basic bash script

    I'll show you how to create your first Bash script to perform a small fuzzing operation with the goal of gaining access…

  • Linux `find` Command
    2023年8月21日

    Linux `find` Command

    ███████████████████████████████ ███ Linux `find` Command ███…

  • Cross-site WebSocket hijacking (CSWSH) | RC4 encryption
    2023年8月20日

    Cross-site WebSocket hijacking (CSWSH) | RC4 encryption

    ?? Cybersecurity Journey Update: Inkplot Challenge Completed on HackMyVM! ?? Watch the video here: Link to Video I took…

  • Dominating 3 Buffer Overflows on a Single Machine
    2023年8月16日

    Dominating 3 Buffer Overflows on a Single Machine

    During my journey, I encountered a host of vulnerabilities, including local file inclusion, log poisoning, and the…