Our Scenarios
system exploitation

Windows Domains 101

Info

Most corporate environments use Microsoft Active Directory Services, which is basically a model for central authentication. Active Directory services use the concept of a domain to group users / machines together. The central authority for each domain is a server called a Domain Controller that carries out the authentication for all other domain-joined machines.

When conducting penetration tests, it is important to assess Active Directory misconfigurations, but in order to do so, some pre-requisite knowledge is needed regarding Windows Domains, how they are used, and how they are different from local accounts / non domain-joined machines.

What you will learn

After completing this scenario, you will learn the very basics of Windows Domains, users, and groups.

Technical Details

This scenario contains one virtual machine running a windows operating system, which you need to connect to / interact with.

Pre-Reading

https://en.wikipedia.org/wiki/Windows_domain https://www.blog.vikiwat.com/en/windows-active-directory-ad-what-is-it-and-what-can-it-do/ https://0xdarkvortex.dev/index.php/2019/01/01/active-directory-penetration-dojo-ad-environment-enumeration-1/

  • MODESINGLEPLAYER
  • TYPECCL
  • DIFFICULTYEASY
  • TIME120 MINUTES
  • COST10 CRYSTALS
SHARE