Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
active directory
server ip
client ip
domain type networkassigning and enforcing security policies for all computers
and installing or updating software.
For example,
when a user logs into a computer that is part of a Windows domain, Active Directory
checks the submitted password and determines whether the user is a system
administrator or normal user.
An active directory is a service that is provided by Microsoft that stores information
about items on a network so the information can be easily made available to specific
users through a logon process and network administrators.
Active Directory Domain Services is Microsoft's Directory Server. It provides
authentication and authorization mechanisms as well as a framework within which
other related services can be deployed (AD Certificate Services, AD Federated
Services, etc)
How active directory work?
network such as a printer, end user applications, and security applications that
are implemented by the network administrator. Network objects can also
contain additional objects within their file structure which are identified by a
folder name. Each object has its own unique identification by the specific
information that is contained within the object.
Schemas: Since network objects each have their own identification which is
within the hierarchy which consists of three different levels which are known
as a forest, tree, and domain with the forest being the highest level that allows
the network administrator to see all of the objects in the active directory. The
trees are the second level of the hierarchy each of which can hold multiple
Authentication is the process of determining whether someone or something is,
in fact, who or what it is declared to be.domains.
How an Active Directory is Used
Active Directories are used by network administrators to simplify network
maintenance processes within a large organization. Instead of having to perform
updates manually, a network administrator can update one object in a single process.
Active Directories are also used by network administrators to allow or deny access to
specific application by the end user through the trees in the network. Additionally,
they are used to keep a large network organized and maintained without having to
perform each task through an individual process.
Authentication
Authentication is the process of determining whether someone or something is, in
fact, who or what it is declared to be.
Authentication is used by a server when the server needs to know exactly who
is accessing their information or site.
Authentication is used by a client when the client needs to know that the server
is system it claims to be.
In authentication, the user or computer has to prove its identity to the server or
client.
Usually, authentication by a server entails the use of a user name and password.
Other ways to authenticate can be through cards, retina scans, voice
recognition, and fingerprints.
Authentication by a client usually involves the server giving a certificate to the
client in which a trusted third party such as Verisign or Thawte states that the
server belongs to the entity (such as a bank) that the client expects it to.
Authentication does not determine what tasks the individual can do or what
files the individual can see. Authentication merely identifies and verifies who
the person or system
tools used
=>kali lunix using
metsploit & msfvenom
creating->listening->infecting
it is, we need to set up the LHOST and LPORT to make this exploit
work. My IP address is 172.16.2.88so I set the LHOST to
that IP, and I want to set the LPORT to 443 so I will receive
connection from victim on port 443 if the exploit succeed.
Run msfconsole
here there is virus hiden into vlc when this user install this vlcv2 attacker get
meterpreter directly
/home/sam/active directory.docx
let start to show the proccess on user machine after get meterpreter
let
use differents possible in priviledge escalation
ckeck username
let use
mimikatz for the purpose to dump password in plain text
my attack is done as
you see I get the password of user joined to domain and I get the password of
server as Administrator
let exploit
let run post for checking the number users and their hash pass
4) Describe what are the challenges you run into and how you overcome them