OSCP Practice Lab: Active Directory Attack Path #1

Derron C
Derron C
44,048
0
Published 2023-10-19
Putting this out there as I searched around and didn't find a lot of content on practicing Active Directory attacks in a home lab. This walks through one of the paths to complete domain compromise I practiced for passing the OSCP.
The link to setting up this lab environment is here:    • OSCP Practice Lab: How to Build an Ac...  
If there's enough interest I may generate some videos of my other AD attacks also.

0:00 Intro
1:30 OpenVPN
3:21 Start the Attack!
5:20 MS01 Enumeration
21:55 MS01 Application Exploit
28:16 MS01 Initial Foothold
33:35 MS01 Priv Esc Hunting
38:25 MS01 Priv Esc
47:50 Notes
50:33 Active Directory Enumeration
55:45 Pivoting with Ligolo-NG
1:05:04 Domain Controller Enumeration
1:14:10 Kerberoasting and AS-REP Roasting
1:19:27 Password Cracking with Hashcat
1:25:50 Credential Spraying with CrackMapExec
1:29:37 Crack Encrypted Zip File with JohnTheRipper
1:36:08 Credential Spraying with CrackMapExec
1:37:28 MS02 Initial Foothold with PSExec
1:45:05 MS02 Enumeration
1:46:40 MS02 Credential Dump with secretsdump
1:49:35 Domain Pwnage with evil-winrm
1:54:54 Recap
All Comments (21)
  • @michael5743
    Derron, you've got to do more of these!! You're an amazing teacher man. Thank you!
  • @MotivationbyDesign
    great video. I think the way you go through it is both entertaining and very informational.
  • @aaryanbhagat4852
    These playthroughs are worth it, very nicely explained, even the thought process!
  • @longtran7196
    How wonderful knowledge ! Love this every minute
  • @etcissue8965
    Awesome video!!! One of the best i have ever seen!! keep going for next videos!!!
  • @infosecrisk5393
    Really nice and helpful. Thanks a lot for your awesome content.
  • @infosecabdul
    Well explained and demonstrated. Followed through till the end. Thank you
  • @mikedunn330
    Without a doubt the most helpful thing I've seen! Taking your time and explaining "why" you're running commands was awesome. Thank you so much. I will be watching more of your content.
  • @Ibr8kThingz
    Outstanding content and well explained! I'm all for fresh content! Thanks so much for sharing. It's greatly helpful for a fellow student like myself prepping for the OSCP.
  • @0xolv069
    This walk through is amazing thank you a lot
  • @monsterkush11
    Thank you . Learned about some new tools and more about windows . Great content
  • @ianp6742
    This is a fantastic walk through. Very detailed and you did a good job of explaining your methodology and thought process. I am retaking the OSCP in December, this video will help me succeed and I would love to see more attack paths from you.
  • @bendum-zb4km
    Watched it all, Insane video Man !! Much appreciated.
  • @briangrier3287
    Actual GOAT, watched video start to finish! Seeing your step by step process and methodology completing these 3 boxes was super inspiring! W video, please keep this content coming!
  • @AnkitKumar-px6dr
    Thank you for such great insight into the scenario loved every bit of it
  • @gnuPirate
    Really awesome topic really well covered. Instant sub. Looking forward to working through this.
  • @podavu7044
    I love the methodology ! Thank you for this amazing content