Hi! good video! i have a question, if i disable llmnr in all domian PCs, netbios, signing req allways, response only ntlmv2, shared folders off (all PCs), disable cmd, powershell to users, rdp off, win updates cuarenta, AV and ids/ips utm on all cross vlans. It's posible to do this pentest? thanks!! regards
Probably DC dont have all patches , and u can execute zerologon ! :) and exploit that ! Also you can search for missconfiguration in Service Accounts , and try password spraying, bruteforce , etc . Dump ldap with bloodhunt to have more details about the DC.
Great walkthrough.
Thank you so much for the Video do you have the text transcript of the video?
does it still work nowadays?
Please make more vd for advanced techniques red team and make server Discord good work
Once you have domain
Admin can the user know who you are ?
Thanks Bro,, Do we need to upload mimikatz to the victim PC win10 ? or its running on kali as windowsVM .
Can you tell how to set up domain controller?
This is a brilliant resource to setup an Active Directory lab.
th-cam.com/video/xftEuVQ7kY0/w-d-xo.html
I can't stand MGK but love the video dude! Very cool!
😂😂 thanks so much! We can't judge Russell's music taste but at least the tech is good 😉
Should it be very high priority for NTLM to be disabled or is patching enough to prevent any exploit?
Dude , can i know which is the CA server ? because i can enum the DC-AD , but i never know there is a CA server :/
Hi! good video! i have a question, if i disable llmnr in all domian PCs, netbios, signing req allways, response only ntlmv2, shared folders off (all PCs), disable cmd, powershell to users, rdp off, win updates cuarenta, AV and ids/ips utm on all cross vlans. It's posible to do this pentest? thanks!! regards
Probably DC dont have all patches , and u can execute zerologon ! :) and exploit that ! Also you can search for missconfiguration in Service Accounts , and try password spraying, bruteforce , etc . Dump ldap with bloodhunt to have more details about the DC.
You domain admin????
Are you domain hacker