Скачать или смотреть Active Directory Enumeration with LdapDomainDump and Metasploit Part 2

The Active Directory is the focal point for Attackers.
One of the common Attack Against Active Directory is by exploiting Missing Patches. (ms17_010_eternalblue)
Here, we cover how to use Metasploit exploit missing Patch within the Active Directory to escalate privilege and dump ntds.dit file.

00:00 - Active Directory Enumeration Part1 Review
05:00 - LAB Demo

****Steps for using this exploit***

we have 4 phases
Phase 1) an exploit is fired on the device (the stager, here in our case a windows x64 reverse_tcp)
Phase 2) the stager connects back to the MSF on a specific URL via HTTP
Phase 3) the MSF recognizes a new session and sends the meterpreter DLL to the device in clear
Phase 4) the stager load the meterpreter in memory and execute it. From then on, a secure command and control channel is negotiated back to the MSF

Sample ldapdomaindump command:
ldapdomaindump --user Domain\\Domain_User -p password ldap://IP_Addr:389 --no-json --no-grep -o scanResult