Reconnaissance of active directory domain servers

Often during an internal penetration testing activity, penetration testers will be provided with a username and password. In real-world scenarios, the attackers are inside the network and an attack scenario would be what they could do with normal user access and how they elevate the privileges to compromise the enterprise domain.

Kali provides a default installed rpcclient that can be utilized to perform more active reconnaissance on an active directory environment. This tool provides multiple options to extract all of the details about domain and other networking services, which we will be exploring in Chapter 10, Exploitation.

The following screenshot provides the enumeration of lists of domains, users, and groups:

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.89.116.152