HackTheBox – Forest Walkthrough | BloodHound, AS-REP Roasting, DCSync (GenericAll, WriteDACL)
Автор: Strikoder
Загружено: 2026-03-03
Просмотров: 42
Описание:
In this HackTheBox Active Directory machine, we perform unauthenticated enumeration on SMB and Kerberos services, exploit AS-REP Roasting without credentials to capture and crack hashes, use BloodHound to map out a complex attack path through Account Operators and Enterprise Key Admins groups, quickly chain group membership modifications with DCSync privilege escalation before detection, and finally perform a DCSync attack to dump all domain credentials for full domain compromise. This machine demonstrates advanced Active Directory enumeration and privilege escalation techniques. If you're learning Active Directory attacks, OSCP, or just love seeing machines get popped... this one's for you.
📂 Scripts and Commands:
https://github.com/strikoder/CTFS/blo...
🏠 Room Link:
https://www.hackthebox.com/machines/f...
--------
⏱️ Timestamps:
00:00 - Intro & Target Overview
01:10 - Unauthenticated SMB Enumeration
05:26 - Unauthenticated Kerberos Checks
06:36 - AS-REP Roasting Without Credentials
07:07 - Cracking AS-REP Hash with Hashcat
11:07 - User Flag Capture
18:30 - BloodHound Data Collection
20:40 - Attack Path Analysis
29:30 - Adding User to Target Group
29:35 - Granting DCSync Rights with dacledit
29:55 - DCSync Attack with secretsdump
30:33 - Pass-the-Hash as Administrator & Root Flag & Wrap-up
--------
Follow me for more real-world hacking walkthroughs, live streams, and cert prep content 👇
💻 Labs
GitHub: https://github.com/strikoder
🎥 Streams & Short Content
Twitch: / strikoder
Instagram: / strikoder
TikTok: / strikoder
💬 Community & Discussions
Discord Server: / discord
X (Twitter): https://x.com/Strikoder
📨 Official Contact
LinkedIn: / strikoder
Email: [email protected]
More videos coming soon on PNPT, and OSCP prep.
Stay tuned, and thanks for the support!
#forest #asreproasting #bloodhound #dcsync #accountoperators #dacledit #genericwrite #oscp #pt1 #hackthebox #tryhackme #portswigger #portswiggeracademy #activedirectory #linux #windows
#ethicalhacking #cybersecurity #pentesting #ctf #infosec #enumeration #privilegeescalation #windowshacking #networksecurity #bugbounty #RedTeam #capturetheflag #hackingtools #cyberseclabs #hackermindset #Nmap #terminal #strikoder
Повторяем попытку...
Доступные форматы для скачивания:
Скачать видео
-
Информация по загрузке:
