Premise

In this tutorial, I explained how to do privilege escalation to gain domain controller privilege on the active directory using mimikatz and Powershell. This attack relies on gathering the NTLM hash and generating a Kerberos TGT for the administrator account of the domain controller. The success of this attack relies on the fact that the admin of the domain controller had logged in to the Windows workstation we compromised in the past and their credentials are saved in-memory cache.

Skills Learned

  • Mimikatz
  • Powershell
  • Kerberos

OSCP Certificate Notes

Windows Active Directory Penetration Testing Study Notes

Video Walk-through

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles