HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 40 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow Pen Testing Windows
EH-Net
May 23, 2013, 04:00:19 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: 1 [2]   Go Down
« previous next »
  Print  
Author Topic: Pen Testing Windows  (Read 10904 times)
0 Members and 1 Guest are viewing this topic.
cd1zz
Hero Member
*****
Offline Offline

Posts: 561


View Profile WWW
« Reply #15 on: December 12, 2011, 08:03:40 AM »
It's heavy on AD but there are other areas of focus as well.

http://www.microsoft.com/learning/en/us/certification/mcitp.aspx#tab2
Logged
OSCE | OSCP | GXPN | OSWP | CISSP
http://www.pwnag3.com
http://www.networkadminsecrets.com
LK
Newbie
*
Offline Offline

Posts: 29


View Profile
« Reply #16 on: December 12, 2011, 03:31:42 PM »
cd1zz pointed you to some very good directions; for a real world scenario I will add searching for shares and trying to access them - you will be amazed how many misconfigurations exist.
For ldap: after you enumerate the juicy stuff, you can try again a dictionary attack on the user names discovered, even if the account lock-out is in place you might get lucky and guess a password with a dictionary attack.
Logged
Security+, OSCP, CISM, CISSP
millwalll
Guest
« Reply #17 on: December 13, 2011, 03:40:06 AM »
Cool I will try look into all these things and let you know how i get on.
Logged
24772433
Newbie
*
Offline Offline

Posts: 33


View Profile
« Reply #18 on: December 18, 2011, 06:22:20 PM »
If you want to tinker with AD for free Microsoft have quite a few pre-configured VHDs for Microsoft Virtual Server. 

http://technet.microsoft.com/en-us/bb738372

I've used these in the past, mainly the Exchange servers for evaluation and testing. With the standalone 2008/2003 servers you can easily create an AD environment just by running the command DCPROMO from RUN. A simple wizard will configure AD on your server.

Steve. 
Logged
millwalll
Guest
« Reply #19 on: December 19, 2011, 03:59:15 AM »
Cool thanks for the link will have to take a look at that.
Logged
Pages: 1 [2]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.066 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.