Flight to Domination: Enumeration, Tunneling and NTLM Theft – Unleashing the Power of Service Accounts for Privilege escalation.
Initial Reconnaissance
So we begin by doing an Nmap scan on the machine using the bash script.
result=$(nmap -p- --min-rate=1000 -Pn -T4 10.129.215.167 | grep '^[0-9]' | cut -d '/' -f 1 | tr '\n' ',' | sed 's/,$//' | tr -d '%');nmap -p$result -Pn...
x401a.hashnode.dev30 min read