jetlib.sec » Penetration Testing » Linux Targets in a Windows Domain

Feeds

133326 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Penetration Testing

• September 16, 2011
• 

  Linux Targets in a Windows Domain

  Posted: September 16th, 2011, 10:06pm PDT

  Tags:   

  Posted by Doyle, Jason \(10090\) on Sep 16

  When performing an internal penetration test of a windows domain with an objective of acquiring domain administrator
  credentials and/or credit card information, what is considered useful information on a Linux system? I'm in the
  situation where the only vulnerability I can find and exploit is on a Linux web server. Of course, I can attempt to
  crack all the local password hashes, and try to use those credentials on other systems....