Sign in

In preparation for the OSCP certification, I challenge myself to create at least 40 walkthroughs/writeups. This is my first writeup out of 40. The name of the vulnerable machine is Hijack from Cyberseclab.

My first step is to gather information or the reconnaissance. In this process I will gather all possible information about my target computer, system or network.

RECONNAISSANCE

  1. Port Scan - scan all open ports.

Before I enumerate the domain, let’s define first what is active directory?

ACTIVE DIRECTORY (AD)

  • It is like a phonebook in this phonebook stores data information that is called OBJECT. Everything in the AD is considered an object, which include users, groups, applications and devices.
  • The main function of AD is to enable administrators to manage permissions and control access to network resources.
Reference: docs.microsoft.com

SCHEMA - contains formal definitions of every object class that can be created in an Active Directory forest. The schema also contains formal definitions of every attribute that can exist in an Active Directory object

DOMAIN CONTROLLER…


Box 3/40

My third writeup for OSCP preparation.

RECONNAISSANCE

It is also called Information Gathering Phase. To gather as much information as possible about the target.

I’ll start off by running an nmap scan: nmap -p- -sS -Pn -n -T4 — min-rate=3000 $RHOST. Nmap discovered the following open ports and services:


Box 2/40

My second writeup for OSCP preparation.

RECONNAISSANCE

It is also called Information Gathering Phase. To gather as much information as possible about the target.

I’ll start off by running an nmap scan: nmap -p- -sS -Pn -n -T4 --min-rate=3000 $RHOST. Nmap discovered the following open ports and services:

Mandoy

Student

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store