Hello friends! We're long overdue for a tale of pentest pwnage, and this one is a humdinger! It's actually kind of three tales in one, focusing on pentesting wins using:

  • Manual "open heart surgery" on the root of the Active Directory domain
  • The new totally rad DHCP poisoning module of Responder
  • An opportunity to abuse GPOs with SharpGPOAbuse (P.S. we talked about this tool about a year ago in episode 441)