| ターゲット // Forest | |
|---|---|
| Platform | HTB |
| OS | Windows |
| Difficulty | Easy |
| IP | 10.129.157.109 |
Recon
Standard AD box – DNS, Kerberos, LDAP, SMB all present. Domain: htb.local.
Enumeration
Nmap
▶ Nmap output
PORT STATE SERVICE
53/tcp open domain
88/tcp open kerberos-sec
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
5985/tcp open wsman
9389/tcp open adws
47001/tcp open winrm
OS: Windows Server 2016 Standard 14393 x64