Hacking a Domain Controller
ฝัง
- เผยแพร่เมื่อ 28 ก.ย. 2024
- Thanks to our sponsor, Keeper Security. You can download Keeper Security's Password Manager here: bit.ly/3SvmAA4
___________________________________________
Pentests & Security Consulting: tcm-sec.com
Get Trained: academy.tcm-se...
Get Certified: certifications...
Merch: merch.tcm-sec.com
Sponsorship Inquiries: info@thecybermentor.com
📱Social Media📱
___________________________________________
Twitter: / thecybermentor
Twitch: / thecybermentor
Instagram: / thecybermentor
LinkedIn: / heathadams
Discord: / discord
💸Donate💸
___________________________________________
Like the channel? Please consider supporting me on Patreon:
/ thecybermentor
Support the stream (one-time): streamlabs.com...
Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: amzn.to/31GN7iX
The Hacker Playbook 3: amzn.to/34XkIY2
Hacking: The Art of Exploitation: amzn.to/2VchDyL
The Web Application Hacker's Handbook: amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: amzn.to/31HAmVx
Linux Basics for Hackers: amzn.to/34WvcXP
Python Crash Course, 2nd Edition: amzn.to/30gINu0
Violent Python: amzn.to/2QoGoJn
Black Hat Python: amzn.to/2V9GpQk
My Build:
lg 32gk850g-b 32" Gaming Monitor:amzn.to/30C0qzV
darkFlash Phantom Black ATX Mid-Tower Case: amzn.to/30d1UW1
EVGA 2080TI: amzn.to/30d2lj7
MSI Z390 MotherBoard: amzn.to/30eu5TL
Intel 9700K: amzn.to/2M7hM2p
G.SKILL 32GB DDR4 RAM: amzn.to/2M638Zb
Razer Nommo Chroma Speakers: amzn.to/30bWjiK
Razer BlackWidow Chroma Keyboard: amzn.to/2V7A0or
CORSAIR Pro RBG Gaming Mouse: amzn.to/30hvg4P
Sennheiser RS 175 RF Wireless Headphones: amzn.to/31MOgpu
My Recording Equipment:
Panasonic G85 4K Camera: amzn.to/2Mk9vsf
Logitech C922x Pro Webcam: amzn.to/2LIRxAp
Aston Origin Microphone: amzn.to/2LFtNNE
Rode VideoMicro: amzn.to/309yLKH
Mackie PROFX8V2 Mixer: amzn.to/31HKOMB
Elgato Cam Link 4K: amzn.to/2QlicYx
Elgate Stream Deck: amzn.to/2OlchA5
*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.
Thanks to our sponsor, Keeper Security. You can download Keeper Security's Password Manager here: bit.ly/3SvmAA4
Something I take from this is how well you need to understand the interconnected enterprise systems in most common environments in order to get to this point. Sometimes luck is involved, but when you go this deep you have to first understand how it's set up and operates before you can think about how to get through common security practices. I always recommend people setup their own environments and secure it as best as they can, and then try to break in it to learn this if you aren't already an admin in an environment first.
As a Jr. Pentester, not only was this relatable it was also super helpful. Lesson learned, don't ignore the not-so-obvious documents in file shares.
Cool story. Shows the process and the hacker mindset. It also shows the value in the little things.
Thank you I'm teaching myself and learning so much from your videos here and your 4 hour Linux course
Hi TCM, unrelated to your video, but: Have you thought about adding more Blue Team Content to TCM Academy? Like a SOC Fundamentals Course? I don't see many resources with actual courses that are not up in the thousands. Thanks and all the best.
Love the new shirt! ❤
congratulations
Awesome
Amazing!!! ⭐️⭐️⭐️⭐️⭐️
Looking for a video from The cyber mentor on how to root Android devices.😀😀
Its crazy that 2 months ago I knew nothing about pen-testing. Now I could follow along in the vid and understand 100% of what being said. Much because of just the PEH-course. Appreciate you, Heath, and all the TCM crew.
It was a 'Hail Mary' 🙂 as I hear echoes of 'Enumerate, enumerate, enumerate'
Did you use custom malwares for the EDR test ? Anything that you wrote or obfuscated
Heath, sounds like it was a pretty dope engagement especially when you got the info you needed from that Mac folder. Thanks for sharing the high-lever overview of the engagement very informative too!
Very informative and inspiring.
Thanks for the video, appreciate it.
If they had mitigated LLMNR poisoning would've that stopped you?
Hello anyone can tell what does he mean by putting somefiles on smb shares to get user hashes on responder.?
So they gave you access to a server or you got internal access on your own?
Great story
Man, you are my idol❤️
Great video and great shirt! Keeper security is a fantastic tool and I highly recommend it. Thank you as well for the amazing video content and keep it up ❤
❤❤❤❤
I’ve done hundreds of pen tests professionally over the past 4 years. This story is a pretty common one, sans share access that’s unmitigated. That’s uncommon and I usually find a different way, but CME, Responder, ntlmrelayx, and simple SCF/URL files are priceless.
Heath, you are incredible and I hope you grow even more than you already have! Favourite cyber person, period.
I want to mention too that your courses have been strongly recommended by multiple organizations I have applied for in Switzerland and UK !!!!!!!!!
This video explains from the LinkedIn post @heath made few days back.
I'm studying AD for PNPT and loved the story. Please keep sharing your experiences.
Hi bro, can you share from where AD pnpt we can study. Am searching a lot about this subject but not getting a detailed document/book
@@purplepingg tryhackme active directory module. Around 7 rooms. Half are free and half paid.
Interesting 🤔🤓
File shares again? I hope none of the IT folks over there bad mouthed Uber coz they are also guilty of storing passwords in installation scripts
That one mistake. Looks like the company was doing very well indeed overall. Well done sir!
That shirt looks cool. Do you make the designs on TCM Academy yourself?
As always insightful and am so curious to have as TCM's mentality
MAN, WHAT ARE THE CHANCES? JUST 3 DOMAIN ADMINS AND ONE OF EM' A SERVICE ACCOUNT?
How much to upload your brain? takes me long time to learn 😔
Is it possible to make a Wi-Fi extender from a usb flash drive
Where can I get the TCM shirt you got wore???
Just check tcm merch site lol
You get everything with domain controller
You’re the best man!
Tks for sharing!
Why would I use Keeper Security when Firefox can suggest and keep my passwords too?
Those passwords are stored in cleartext homie.
First viewer 👏🤠