Overview
The purpose of this lab is to break into a Windows machine through a vulnerability in Kerberos. You will perform the following tasks in order. First, you will determine the target Windows machine to attack. Next, you will enumerate the available services on the Windows target. You will then exploit a SQL Server Express database to exfiltrate user names and passwords. Finally, you will attack the Windows machine through remote desktop using a known Kerberos vulnerability that allows a user to escalate privileges.
Outcomes
In this lab, you will learn to:
- Use nmap to perform host discovery on a subnet
- Use nmap to perform service enumeration against a Windows target
- Use dirbuster to fuzz a web server on the target
- Manually exploit SQL Server Express
- Use the Kali malware to exploit Kerberos
Key terms and descriptions
zenmap
A GUI front end for nmap that allows you to scan for open ports and enumerate services.
Metasploit
A framework that contains exploits for various information systems, such as Mac OS X, Windows, Linux, and Unix.
nmap
A port scanner that indicates whether ports are open or closed on a remote or local system.
Kerberos
An authentication protocol used with Windows Active Directory. It uses port 88 by default.
dirb
The command that runs the directory buster program, which searches for subdirectories on a web server.