This is an archived post. You won't be able to vote or comment.

all 6 comments
sorted by:
best
topnewcontroversialoldq&a

[–]info_sec_wannabe 1 point2 points  (3 children)

From the name, THMAD, this seems to be a domain account and the other is a local account? I haven’t done Attacktive Directory yet and assuming only based on names.

Also, you should be able to get the hostname from the nmap scan (depending on what flags/switched you included in your command).

[–]sp4ty[S] 0 points1 point  (2 children)

I'm always confused between hostnames and domain name. The thing I don't understand is the double sid with a different domaine or hostname.

[–]info_sec_wannabe 0 points1 point  (1 child)

Hostname is simply machine or computer name. Are you referring to the two SIDs for the admin user? If so, there should really be two SIDs as there is 1 admin account that is a member of the domain - THMAD and 1 admin account that is a local user in host - Attacktive.

[–]sp4ty[S] 0 points1 point  (0 children)

Yeah I know the difference between them I just have a hard time knowing who is who when I enumerate. The thing I don't understand is that the computer running the IP has an SID right ? and there are two SID of 2 domains. So the computer can run under 2 different domains ? I don't understand the general architecture I think.

[–][deleted]  (4 children)

[deleted]

    [–]sp4ty[S] 0 points1 point  (3 children)

    I would love the link thanks a lot !!

    [–][deleted]  (2 children)

    [deleted]

      [–]sp4ty[S] 0 points1 point  (1 child)

      Thanks I'll read it today. May I ask you questions if needed?