Tasks for the specified attack path

  1. Enumerate valid usernames.

  2. Spray password against the valid usernames discovered.

  3. Try to get access to the workstation machines.

  4. Escalate privileges by abusing a mis-configured service.

  5. Dump credentials and enumerate shares.

  6. Retrieve credentials from a share.

  7. Enumerate ACL's for this user and abuse them.

  8. Abuse constrained delegation.

  9. Abuse Unconstrained delegation with the printerbug.

  10. Escalate privileges to the parent domain.

  11. Discover Foreign Security Principals and access a share across trusts.

  12. Retrieve credentials from the share.

  13. Try to get access to the fileserver.

  14. Abuse ACL and execute DC Sync.

Last updated