Red Team Professional - Week 8 - Failed!

Home Blog


I think its important to note down failures, as its a reminder that things may not go your way. I did fail my exam and was really sad about it. Im determined to pass this however many tries it takes. I'm working a lot on Group and ACL enumeration as my issue was that I wrote an enumeration script that spits out all enumeration on standard objects. Kind of like just looking at the results for Linux priv esc script that everyone uses for OSCP. However, I didn't further interrogate these findings. I also didnt go further with non standard groups as there were a couple.. I need to do it manually and just take my time instead of automating it.


This gives me information about groups, however I didnt go into detail with ACLs for something like:

The above command will give me information about the RDP Users group ACLs, and sort them by ObjectDN, Idenitiy Reference and Active Directory Rights. This information is crucial to attack ACLs.  I needed to do this with all non standard groups and map out the attack path more clearer and slowly. I also did a lot of bloodhound work to map the shortest path to domain admins. Good and all, only if you know how to read ACLs properly!!

I have re-booked it for the next two weeks. This time, enumerate slowly and enumerate everything. Take your time, Cuong.