Active Directory Networks

1 min · Michel NYOBE

Objective
Deploy Active Directory
Centralize logs in a SIEM
Filter and control traffic with a firewall
Installation and configuration of pfSense
Objective
Allow LAN

1 min · Michel NYOBE

Kali Jump machine:
Server: 10.0.5.200
User: red
Password: I’mthebest

Machine 1 : 10.0.5.5

Enumeration

Nmap

nmap -sV -sC 10.0.5.5 -v --min-rate 1000 -Pn -T4 -p-

PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 9.2p1 Debian 2+deb12u5 (protocol 2.0)
| ssh-hostkey:
|   256 19:86:8f:39:ff:0b:83:67:d8:44:64:7c:b1:4b:5b:16 (ECDSA)
|_  256 8d:b8:c5:d7:4b:59:d5:83:a4:5d:8d:ec:98:55:3e:23 (ED25519)
25/tcp open smtp
| fingerprint-strings:
|   Hello:
|     220 mailserver SMTP - IMPORTANT: procmail and forward allowed - accepted email ONLY From:<someone@localhost>
|_    Syntactically invalid EHLO argument(s)
|_ssl-date: TLS randomness does not represent time
| smtp-commands: mailserver Hello nmap.scanme.org [10.0.5.200], SIZE 52428800, 8BITMIME, PIPELINING, PIPECONNECT, CHUNKING, STARTTLS, PRDR, HELP
|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
139/tcp open netbios-ssn Samba smbd 4
445/tcp open netbios-ssn Samba smbd 4
1080/tcp open nagios-nsca Nagios NSCA
1234/tcp open hotline?
4242/tcp open tcpwrapped
|_dicom-ping: ERROR: Script execution failed (use -d to debug)
6666/tcp open irc?
|_irc-info: Unable to open connection
6667/tcp open irc?
|_irc-info: Unable to open connection
6789/tcp open ibm-db2-admin?
7530/tcp open unknown
7531/tcp open http SimpleHTTPServer 0.6 (Python 3.11.2)
| http-methods:
|_  Supported Methods: GET HEAD
|_http-server-header: SimpleHTTP/0.6 Python/3.11.2
|_http-title: Directory listing for /
7532/tcp open unknown
8080/tcp filtered http-proxy
8300/tcp open tmi?
8400/tcp open cvd?
8585/tcp open http SimpleHTTPServer 0.6 (Python 3.11.2)
| http-methods:
|_  Supported Methods: GET HEAD
|_http-title: Independent HTTP Node :8585
|_http-server-header: SimpleHTTP/0.6 Python/3.11.2
9631/tcp open peocoll?
9632/tcp open mc-comm?
9999/tcp open http SimpleHTTPServer 0.6 (Python 3.11.2)
| http-methods:
|_  Supported Methods: GET HEAD
|_http-title: Directory listing for /
|_http-server-header: SimpleHTTP/0.6 Python/3.11.2
14465/tcp open unknown
31008/tcp open tcpwrapped
32001/tcp open tcpwrapped
32002/tcp open tcpwrapped
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port25-TCP:V=7.95%I=7%D=8/26%Time=68AD84FF%P=x86_64-pc-linux-gnu%r(Hell
SF:o,9A,"220\x20mailserver\x20SMTP\x20-\x20IMPORTANT:\x20procmail\x20and\x
SF:20forward\x20allowed\x20-\x20accepted\x20email\x20ONLY\x20From:<someone
SF:@localhost>\r\n501\x20Syntactically\x20invalid\x20EHLO\x20argument\(s\)
SF:\r\n");
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Host script results:
| nbstat: NetBIOS name: MAILSERVER, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
| Names:
|   MAILSERVER<00> Flags: <unique><active>
|   MAILSERVER<03> Flags: <unique><active>
|   MAILSERVER<20> Flags: <unique><active>
|   \x01\x02__MSBROWSE__\x02<01> Flags: <group><active>
|   WORKGROUP<00> Flags: <group><active>
|   WORKGROUP<1d> Flags: <unique><active>
|_  WORKGROUP<1e> Flags: <group><active>
| smb2-security-mode:
|   3:1:1:
|_    Message signing enabled but not required
|_clock-skew: 2s
| smb2-time:
|   date: 2025-08-26T09:58:52
|_  start_date: N/A

2 min · Michel NYOBE

SUMMUS: Extreme Red Teamer Lab
https://extremeredlab.0x29a.it/redteamlabs

Lab overview

Our certification lab is structured to test the practical and strategic skills required to operate as a true Extreme Red Teamer lab. Candidates will face advanced scenarios that include:

Linux and Windows: exploits and privilege escalation
Active Directory: advanced attacks and persistence
Extreme pivoting: lateral movement in complex networks
Networking: manipulating packets in networks
Cloud security: vulnerabilities and misconfigurations in GCP, AWS and Azure
Real-world vulnerabilities: exploiting security flaws

Passing the lab requires advanced technical skills, critical thinking and adaptability. ...

3 min · Michel NYOBE

In this Red Team exercise, students will simulate a financially motivated Advanced Persistent Threat (APT) attack against “Trust Bank,” aiming to compromise the branch manager’s email account and exfiltrate sensitive financial data, including internal communications, all while maintaining stealth to mimic real-world banking threats like FIN7. The Red Team will go through Initial Access, Privilege Escalation, Lateral Movement and Data Exfiltration.

Description

To conduct a targeted cyber operation against “Trust Bank” with the primary goal of compromising the branch manager’s mailbox and exfiltrating sensitive financial data (e.g., customer records, transaction logs, internal communications). The operation will simulate a financially motivated Advanced Persistent Threat (APT) attack, leveraging advanced tradecraft to evade detection while achieving mission objectives. ...

7 min · Michel NYOBE