mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-24 05:15:26 +00:00
Update Active Directory Attack.md
Find AD
This commit is contained in:
parent
e386a110d9
commit
310338b279
@ -460,10 +460,15 @@ Replace the customqueries.json file located at `/home/username/.config/bloodhoun
|
|||||||
|
|
||||||
### Other Interesting Commands
|
### Other Interesting Commands
|
||||||
|
|
||||||
- **Find Domain Controller**
|
- **Find Domain Controllers**
|
||||||
```ps1
|
```ps1
|
||||||
nslookup domain.com
|
nslookup domain.com
|
||||||
nslookup -type=srv _ldap._tcp.dc._msdcs.<domain>.com
|
nslookup -type=srv _ldap._tcp.dc._msdcs.<domain>.com
|
||||||
|
nltest /dclist:domain.com
|
||||||
|
Get-ADDomainController -filter * | Select-Object name
|
||||||
|
gpresult /r
|
||||||
|
$Env:LOGONSERVER
|
||||||
|
echo %LOGONSERVER%
|
||||||
```
|
```
|
||||||
|
|
||||||
## Most common paths to AD compromise
|
## Most common paths to AD compromise
|
||||||
|
Loading…
Reference in New Issue
Block a user