Notas
  • Introduction
  • Active Directory
    • BloodHound
    • Bypassing
    • Enumeration
    • Groups
    • Methodology
    • Msfvenom
    • Pivoting
    • Privesc
  • CMS
    • Jenkins
    • wordpress
  • CVEs
    • CVE-2017-0199
    • CVE-2019-1414
    • CVE-2021-42287
    • CVE-2021-44228
  • Common Ports
    • DNS - 53
    • LDAP - 389
    • MSSQL - 1433
    • NFS - 2049
    • RPC - 135
    • SMB - 445
    • VNC - 5900
    • ftp-21
    • kerberos-88
    • msrpc-5722
    • mysql-3306
    • rdp-3389
    • redis-6379
    • smtp-25
    • snmp-161
    • squid-3128
    • winrm-5985
  • EXTRA
    • BruteForce
    • Criptography
    • Extra
    • Fuzzing
    • Mounts
    • RevShells
  • Pentesting Android
    • Basic
  • Pentesting Web
    • IIS
    • LFI
    • OWASP TOP 10
    • Padding Oracle Attack
    • SSRF
    • SSTI
    • XSS
  • Pivoting
    • Remote Port Fowarding
    • Remote commands
  • SQLi
    • Conditional-based
    • Enumeration
    • Error-based
    • SQLite
    • Time-based
  • linux
    • Escalada
    • common-vulns
    • docker-breakout
    • ip-tables
    • port-forwarding
    • port-knocking
    • privesc
    • reversing
    • samba
  • scripting
    • Bash
    • PHP
    • Powershell
    • Python
Powered by GitBook
On this page
  • Uso de Ldapsearch
  • Listar namingcontexts
  • Dumpear información
  • Enumeración general (Ver en HTML)
  1. Common Ports

LDAP - 389

PreviousDNS - 53NextMSSQL - 1433

Last updated 1 year ago

Uso de Ldapsearch

Listar namingcontexts

ldapsearch -h 10.10.10.192 -x -s base namingcontexts

Dumpear información

ldapsearch -x -b "DC=megabank,DC=local" -H ldap://10.10.10.169:389

Enumeración general (Ver en HTML)

ldapdomaindump -u 'htb.local\amanda' -p 'Ashare1972' 10.10.10.103
[*] Connecting to host...
[*] Binding to host
[+] Bind OK
[*] Starting domain dump
[+] Domain dump finished
https://rubbxalc.github.io/writeups/assets/img/Sizzle-htb/1.png