Once inside a network, attackers disguise themselves as normal,authenticated users. This ensures they won’t be detected during any reconnaissance or lateral movement activities. Once completed, they return information about any and all resources inside, including: users, servers, applications, identities, and naming conventions. With this information, attackers then assemble their plan to move laterally and ultimately steal data, encrypt computers, or sabotage the organization.
Fundamental Reconnaissance
Command | Description |
whoami | Tells us which user we are authenticated as |
gpresult | Gives us the effective userpermissions and the grouppolicies enabled of the account |
nltest /dclist:domain.demo | Lists all Domain Controllers |
[System.DirectoryServices. ActiveDirectory Forest]::GetCurrent Forest(). Sites | select Name, Subnets | Shows us the Subnets of the network |
Servers, Computers & Applications Reconnaissance
Command | Description |
net group "domain computers" /domain | Gives us a full list of all the workstations and servers joined to the domain |
([adsisearcher]”(&(objectClass= Computer)(name=**))”).FindAll ().properties | Giv es us all attribut es associated with a particular computer |
([adsisearcher]”(&(objectClass
=Computer)(servicePrincipal
Name=*X*))”).FindAll() | Enumerates all of the computers and servers in the domain that are running X application (dfs, MSSQL) |
Identities, Credentials & Privileged Users
Reconnaissance
Command | Description |
net group "domain admins" /domain | Gives us a list of the designated administrators joined to the domain |
([adsisearcher]”(&(objectClass=person)(objectClass=User)(admincount=1))”). FindAll() | Filters for all privileged accounts |
([adsisearcher]”(&(objectClass=person)(objectClass=User)(name=**))”).FindAll().properties | Gives usa ll attributes associated with a particular user |
[adsisearcher]”(&(objectClass=User)(primarygroupid=513(servicePrincipalName=*))”).FindAll() | ForEach-Object{ "Name: $($_.properties.name)""SPN:$($_.properties.serviceprincipalname)""Path: $($_.Path)"""} | Enumerates all of the crackable service accounts |
Casino No Deposit Bonus – Slots and Table Games
BalasHapusThe Casino 강원랜드 쪽박걸 No Deposit 포커 페이스 뜻 Bonus 심바 먹튀 is 탱글 다희 성인 방송 a reward program which requires that the participant use a casino bonus or other form of 저녁 메뉴 추천 룰렛