Proving Grounds Practise | Active Directory Box: Access

This box is a domain controller, and it involves a number of interesting techniques. If you are preparing OSCP or learning to hack, don't miss this incredible box.

Key points: #arbitrary file upload, #hypertext access (.htaccess), #kerberoasting, #SeChangeNotifyPrivilege

Port Scan

Let's start to hack by scanning the ports of the machine. And according to the scan result, this machine is a domain controller of the "access.offsec" domain.

┌──(parallels㉿kali)-[~/pg/Windows-Access]
└─$ nmap -Pn -T4 -p- --min-rate=1000 -sV -sC $IP …

access active directory box directory hacking oscp oscp-preparation pentesting provinggrounds