O
O
OSCP Notes
Search
⌃K

Initial Foothold

Let's say you found a bunch of ports that are open and it looks like it's an AD box. (Seeing kerberoes port 88 open),etc.
  1. 1.
    HTTP vuln > initial foothold.
  2. 2.
    HTTP vuln (no vuln but some user info) > kerbrute userinfo > create username & password list and cme (crackmapexec) to brute force login > evil-winrm to login.
  3. 3.
Previous
Active Directory Case Studies
Next
smb creds found?
Last modified 10mo ago