Member-only story
How To Attack Admin Panels Successfully Part 3
Are you Attacking Web Apps Admin Panels The Right Way?
You should start here: Part_1
Intro
Picking up from where we left off in part two. This time, we are on a Windows Server. Personally, I’m not a big fan of Windows Servers, and once you try to become a professional Red Teamer, you will understand why. Today, we will learn about a very basic and simple Active Directory attack, a topic not much talked about in the Bug Bounty community since most reports involve just web application vulnerabilities.
Tree
- Hashcat
- Service Principal Name(SPN)
- Powershell
- Invoke-Kerberoast.ps1
Attack Scenario
Unlike Linux servers, because of the complexity of the Windows ecosystem, they are too many different directions to go from here, which is why I will go for the simplest path. Everything will depend on the group policies that were given to the server. Your best bet will be to enumerate everything. We want to be as stealthy as possible, which is why we are going to do everything manually, without using tools like Mimikatz that can trigger alerts and get you caught. You will land in CMD, and many…
