CoCalc -- enum_domain.md

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/documentation/modules/post/windows/gather/enum_domain.md
Views: ¹⁹⁰⁴

Vulnerable Application

This module identifies the primary Active Directory domain name and domain controller.

Verification Steps

Start msfconsole
Get a session on a Windows target on a domain
Do: use post/windows/gather/enum_domain
Do: set session [#]
Do: run
You should receive Active Directory domain information

Options

Scenarios

Windows 2016 with Windows 2008 SP1 DC

msf6 post(windows/gather/enum_domain) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > sysinfo
Computer        : WIN-7V3NGVNQTJ1
OS              : Windows 2016+ (10.0 Build 14393).
Architecture    : x64
System Language : en_US
Domain          : CORP
Logged On Users : 4
Meterpreter     : x64/windows
meterpreter > background
[*] Backgrounding session 1...

msf6 post(windows/gather/enum_domain) > use post/windows/gather/enum_domain
msf6 post(windows/gather/enum_domain) > set session 1
session => 1
msf6 post(windows/gather/enum_domain) > run

[+] Domain FQDN: corp.local
[+] Domain NetBIOS Name: CORP
[+] Domain Controller: WIN-17B09RRRJTG.corp.local (IP: 192.168.200.218)
[*] Post module execution completed

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

Vulnerable Application

Verification Steps

Options

Scenarios

Windows 2016 with Windows 2008 SP1 DC

Product

Resources

Company