http://shivasurya.me/categories/active-directory/Recent content in Active-Directory on ShivasuryaHugoen-usFri, 17 Mar 2023 00:00:00 +0000http://shivasurya.me/2023/03/17/hackthebox-active-writeup-oscp-active-directory/Fri, 17 Mar 2023 00:00:00 +0000http://shivasurya.me/2023/03/17/hackthebox-active-writeup-oscp-active-directory/<h3 id="quick-overview">Quick Overview</h3> <p><a href="https://app.hackthebox.com/machines/Active">Active</a> is one of the easy Active Directory focused Windows Box from <a href="https://docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview#">TJNull OSCP Practice list</a>. It&rsquo;s one of those easy machine where you get initial foothold via SMB <code>Replication</code> share leak &amp; escalate privileges using Active Directory weakness.</p> <p><img src="http://shivasurya.me/assets/media/htb-active-logo.png" alt="Active VM - HacktheBox Logo"></p> <h3 id="enumeration">Enumeration</h3> <h4 id="nmapautomator">NMapAutomator</h4> <p>Started with enumerating the target with <a href="https://github.com/21y4d/nmapAutomator"><code>NMapAutomator</code></a> script since it helps in automating all possible ports with vulnerability scripts from <code>nmap</code>. Additionally, <code>NmapAutomator</code> can help in recon process using <code>smbmap</code>, <code>ffuf</code>, <code>nikto</code>, <code>DNSRecon</code>, <code>SMB</code> enumeration.</p>