@D3v17 said:
@Dazed said:
Hello everyone! I am currently stuck on getting ldap2. I have run multiple captures with tcp while attacking ldap with NSE and JXand have combed through all of the captured ldap packets. I can see ldap2’s hash. I know I am not supposed to try to crack this hash and it is not a simple Pass The Hash attack from my understanding. I feel like I am overlooking something simple! What is the step I am missing for ldap2? Help me understand in depth please, I want to know what is going on, not just how to get ldap**2 thx!
If you have the right data, analyzing them on your device, you will find that the packet containing the ldap****2’s hash, is carrying an LDAP message, the BindRequest, the start of the authentication process. You can learn more by reading this The LDAP Bind Operation – LDAP.com or this https://ldapwiki.com/wiki/Bind%20Request
And yes, if you have the right data, you’re overlooking something simple!
Got user! Thanks for the help and resources! Now onto root.