Jump to content

Secgroundzero

Members
  • Posts

    2
  • Joined

  • Last visited

Everything posted by Secgroundzero

  1. Hi all, i am creating a demo of the infamous windows tokens manipulation. the scenario i am using is as follows: single pc connected to the domain controller. 2 users are signed in the DC through that computer. a regular user and a domain admin. i am using nishang to enumerate tokens but no tokens are found. how can i create tokens in order to use them? thanks
  2. Hi all, new member here and glad to join the forum. So here is the story. I am in the middle of a pen test which also follows a stolen laptop scenario. I have obtained a sample laptop and created a user with admin rights on it. When i try to execute commands like net users /domain i get an error that the DOMAIN.com does not exist or could not be contacted. *where DOMAIN is the domain name masked for confidentiality i know that this is a valid domain which was verified from other tests. I have also managed to get access via webmail to more than 20 accounts and verified the domain from there. I am not experience with TCP/IP configuration but this is what i did so far. ipconfig /all shows the following host name : the name of the pc primary dns suffix: DOMAIN.com Node Type : hybrid IP routing enabled : no wins proxy enabled: no dns suffix search list: DOMAIN.com, DNS.DOMAIN.com (i added the dns.DOMAIN.com) Other steps i followed was to change the dns entries in my network connection to have the dns of the organization. i also tried to find the FQDN but i was unable although zone transfers were permitted and i pretty much got everything. the domain does not respond to ping. I know that i am holding a workstation that is present on the domain and i also have valid username and password. What else could i be doing wrong because i am stuck and i need this urgently in order to escalate. thank you in advance
×
×
  • Create New...