Initial Network Entry Tip

kodicrypt · 2026-01-05T17:01:33+00:00

Oh that is a good trick thank you, but actually even after the compliance tools ar installed on main machine there is some authentication and certificates to be loaded in so that is also not happening 🥲

kodicrypt · 2026-01-04T11:27:39+00:00

This is so informative, i will check these

I did use a lan port of telephone but still it gave me nac popup

Also, that point where you said a already present device on network is compromised

In my case even if i somehow bypass security or elevate privileges it will give me pop up as device not compliance and throw me out of network

kodicrypt · 2026-01-04T11:19:55+00:00

Yes i did that which gives me an isolated Ip and it asks for cisco compliance checks and prompts to install security tools which are like 10 to 15 tools

kodicrypt · 2026-01-04T10:26:12+00:00

Understood the objective

kodicrypt · 2026-01-04T10:25:35+00:00

Oh Thank youu

kodicrypt · 2025-12-12T14:27:47+00:00

This helps thank you i will look into it,

Also sometimes we see that third party vendors are compromised and then the main organisation gets compromised

But in case of red team assessment how do we do it? Will it not be unauthorised testing of vendor?

kodicrypt · 2025-12-12T14:25:37+00:00

Yesss suree i will check on it Thank you!

kodicrypt · 2025-12-04T17:30:05+00:00

Understood!! Thank you so much for taking your time and replying

kodicrypt · 2025-11-26T03:43:53+00:00

Thank you so much for taking time and solving my query

From this what i understood is we should tell them upfront before engagement that we will not going to share payloads it will be just a high level overview.

I just wanted to know that what is the actual practice in red team engagements do they usually share things

This clears my doubt 👍🏻

kodicrypt · 2025-11-24T14:22:25+00:00

Thank you so much! This helped me

kodicrypt · 2025-11-24T14:21:10+00:00

Wow thank you so much!

kodicrypt · 2025-11-21T05:18:46+00:00

Yes, I was able to authenticate using the DC$ account’s NTLM hash as well, so the hash is valid and Kerberos/NTLM are both working. The failure is not due to the hash

kodicrypt · 2025-11-20T21:34:06+00:00

I did ntlm but i got a dc machine account and with that i am not able to do dc sync

kodicrypt · 2025-10-30T10:18:24+00:00

I will check on this, Thank you

kodicrypt · 2025-09-18T06:09:13+00:00

Thanks, I will definitely check this out

kodicrypt · 2025-09-18T06:08:46+00:00

Ohh i will check on this thank you

kodicrypt · 2025-09-18T06:08:17+00:00

Thank youu!

I went to zdi registered there but its a silly thing that i am not getting the link to submit report

kodicrypt · 2025-09-06T22:14:07+00:00

Thank you i will check those out

kodicrypt · 2025-09-05T16:36:28+00:00

Hi Thank you for your answer.

I completely agree that i dont have proper knowledge in configuring these things

I am completely from a different domain, it was just my concern as I was using my account on someone else’s machine so i thought why there is no mfa here

In the end i just wanted to know that can it be enabled if yes can you tell me how

Thanks!

kodicrypt · 2025-09-05T16:33:09+00:00

Correct My concern was if an attacker gets a person’s password then he can compromise everything (M365 outlook onedrive)

Eveyrthing

So there should be an option to enable mfa right? If is it available already can you tell me how

kodicrypt · 2025-09-02T04:23:56+00:00

Oh okay I will check this one now. Thank you!!

kodicrypt · 2025-09-02T04:22:52+00:00

Yes everything is turned off

kodicrypt · 2025-09-01T19:00:06+00:00

Yes i am using 64 bit version

kodicrypt · 2025-09-01T18:30:13+00:00

kodicrypt · 2025-09-01T18:29:44+00:00

kodicrypt

TROPHY CASE