Whoa now, hold up — CRTP
Wait a minute, hold up. Can I do that with PowerShell?
I wanted to write about this much sooner, but oh my goodness, it’s been busy! These past several weeks, I’ve spent a lot of time getting hands-on with the Pentester Academy Attacking and Defending Active Directory Bootcamp. And this course is fucking excellent! Some filthy little things can be done using PowerShell.
I had very little knowledge of AD when going into the course. Before this, if you talked to me about forests and domains, the universe would start spinning in my head. But here’s what I like about it and why I think it’s essential to have some AD knowledge and Red Teaming skills.
Until a few weeks ago, I worked on stand-alone machines, whether it was Hack the Box, TryHackme, or Proving Grounds. It was about gaining a foothold and escalating privileges, which was pretty much it. Hooray, got flag.txt and proof.txt! Fantastic right?
But then what?
Now that you’ve got a machine on the network, then what? I had no clue. Well, that’s what this course teaches you, what to do next. You’ll start off on a student machine with low integrity, escalate your privileges to a higher integrity level, and become a local admin. Multiple domain controllers, subdomains, and cross-forest trusts. There are so many things to explore.
All that stuff I just mentioned, I had no idea what they were, and now it’s like, my mind is blown. I kind of know what AD is about. And I’m doing this in a patched environment with no exploits! It’s all done abusing features and misconfigurations! I’ve got about a week left of lab time, and the boot camp’s last session is coming up. I’ve got one more lab to complete, and then I’ll be scheduling my exam. I really need to keep my notes tight, so there will be a lot of housekeeping that will need to get done in the upcoming week. Then it’ll be time for the OSCP exam.
To sum it up, it is DOPE, don’t sleep on it! I felt like I was entering the center stage and seeing an audience full of people.
Thank you for following my journey into penetration testing. I hope all is well, and I wish you all the best in your health and career.