Active Directory Pentesting | Offensive Security Proving Grounds Access Writeup
Common Information
Type Value
UUID 5fa6e5ad-09e6-4718-ab17-7bb10f2702aa
Fingerprint b6907951a3c64cc3
Analysis status DONE
Considered CTI value -2
Text language
Published Sept. 28, 2024, 4:17 p.m.
Added to db Sept. 28, 2024, 6:25 p.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Detected Hints/Tags/Attributes 52/1/33
RSS Feed
Id Enabled Feed title Url Added to db
167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes