Update Active Directory Attack.md

Find AD
This commit is contained in:
Seb 2022-08-02 15:09:23 +02:00 committed by GitHub
parent e386a110d9
commit 310338b279
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -460,10 +460,15 @@ Replace the customqueries.json file located at `/home/username/.config/bloodhoun
### Other Interesting Commands ### Other Interesting Commands
- **Find Domain Controller** - **Find Domain Controllers**
```ps1 ```ps1
nslookup domain.com nslookup domain.com
nslookup -type=srv _ldap._tcp.dc._msdcs.<domain>.com nslookup -type=srv _ldap._tcp.dc._msdcs.<domain>.com
nltest /dclist:domain.com
Get-ADDomainController -filter * | Select-Object name
gpresult /r
$Env:LOGONSERVER
echo %LOGONSERVER%
``` ```
## Most common paths to AD compromise ## Most common paths to AD compromise