This lab had 3 Windows end-user computers, 1 Netscaler FreeBSD server, 1 Citrix Windows server and 1 Domain Controller.
Initial access was based on social engineering and phishing attacks, followed by privilege escalation I was able to own first 3 end-user computers.
One of the accounts had SPN, allowed kerberoasting and moving laterally.
After some post exploitation, enumeration and escalation, I was able to own Citrix and Netscaler server too.
The user I got initial access on DC had some juicy privileges that allowed me to obtain shadow files. After gathering hashes and crafting golden ticket, I was able to finish this lab
Key skills required
- Social Engineering - Phishing attacks
- Post Exploitation
- Lateral Movement
- Silver-Golden tickets
- Active Directory