How do I continue pentesting with access to local station?

General Tech Learning Aids/Tools 2 years ago

0 1 0 0 0 tuteeHUB earn credit +10 pts

5 Star Rating 1 Rating

Posted on 16 Aug 2022, this text provides information on Learning Aids/Tools related to General Tech. Please note that while accuracy is prioritized, the data presented might not be entirely correct or up-to-date. This information is offered for general knowledge and informational purposes only, and should not be considered as a substitute for professional advice.

Take Quiz To Earn Credits!

Turn Your Knowledge into Earnings.

tuteehub_quiz

Answers (1)

Post Answer
profilepic.png
manpreet Tuteehub forum best answer Best Answer 2 years ago

I started learning hobbyist penetration testing a while ago, and as far as penetrating a computer I have physical access to, all is good. Mainly using Hiren bootCD, it is easy to gain access to an local administrator account, if nothing else then through offline cracking of the poorly encrypted local passwords.

However, once I have secured access to the local admin account, I do not know how to continue on. The MsCache is strong, and rarely contains anything worthwhile, I even read that most good admins turn caching off.

The most promising things I have seen so far was the pass-the-hash toolkit, based on dumping LSA secrets, which promised to "compromise a whole Windows domain after compromising a single machine that was a member of that domain." However, that failed to work on the Vista domain I am pentesting right now.

What are the general strategies in this situation? What are the specific ones?

No matter what stage you're at in your education or career, TuteeHub will help you reach the next level that you're aiming for. Simply,Choose a subject/topic and get started in self-paced practice sessions to improve your knowledge and scores.