Series of Attacks on Active Directory System Detailed
HackingActiveDirectoryHackTheBoxKerberosLFILinuxEditor'sChoiceArticles
This content is an AI-generated summary. If you encounter any misinformation or problematic content, please report it to cyb.hub@proton.me.
The article describes a series of attacks on an Active Directory system, beginning with an LDAP injection and a Local File Inclusion (LFI) in a web application. After compromising a Linux machine within the domain, a user Kerberos ticket is obtained, enabling DNS spoofing. Another domain user account is then compromised, followed by the compromise of an ADFS service account. Using the Golden SAML technique, a token is created to access the site as an administrator.