Lateral Movement To DC - Metasploit

Описание: In this video tutorial, the host guides viewers through a penetration testing exercise focusing on lateral movement to a Domain Controller (DC) using specific credentials. The process involves using tools like Metasploit to exploit vulnerabilities in the Windows SMB protocol & gain access to a network’s Active Directory (AD). The host demonstrates how to set up the necessary configurations, including filling in missing LM hashes, establishing a reverse TCP session & utilizing the Kiwi tool to extract sensitive information from the AD. The tutorial progresses through several technical steps, showcasing the extraction of credentials & insights into user permissions, particularly identifying the Enterprise Admin. Ultimately, the video emphasizes the importance of maintaining persistence within the network environment while highlighting some limitations & considerations when attempting to add users on a domain controller.