@The Cyber Mentor, I am not getting the device as punisher and rather it is showing some "DESKTOP-xxxx" format name. I have looked up pretty much everywhere for the solution but I am unable to find something. Can you tell me sir, why it is so? For ref: 44:37
Great content mate 👏, but I'm experiencing a problem with launching multiple VMware in workstation 17 version, which is affecting DNS server connection between 2 workstations using domain name connection...
This is brilliant! Coincidentally, I just installed windows server 2019 today after reading about building a lab in The hacker playbook 2. This video is what I needed to set it up! Thanks!
Coming back to this a little while later because I had some stuff come up. On virtual box you cannot have your server on nat or you will not be assigned a public IP. You need to put your DC in bridged mode. The workstations can stay in NAT
On virtualbox configure an internal network, put a firewall (I use pfsense) in place with two interfaces, one on your internal network and one bridged. Set the firewall as the gateway. Turn off DHCP, DNS, turn on DNS forwarding, configure the DNS servers on your internal boxes to use your DC as the primary DNS server, listing the firewall as your secondary DNS server. Now you have an actual firewall in-between your lab and your network, so you can emulate a properly segmented network (put a deny rule in place for outbound traffic, configure squid proxy, hook it up to your ldap server for Auth if you like, configure proxy via gpo from the DC) or if you just want your lab to use it's own DHCP, DNS, etc but don't want to restrict outbound comms, don't worry about adding the additional rules.
First comment is correct on a desktop. My laptop worked just fine and I didn’t have to do what the second commenter said. Maybe because my desktop isn’t wireless and my laptop is ? Just curious
bro, the support this channel deserves is invaluable, keep it real! we all love to be here for the first time! you 're just a good man sir!! All the respect!
Will check it out! Automation is nice, but it helps to know how to do this from a manual perspective as well for learning purposes. Once you know it, I fully agree on the automation piece. Super convenient.
If they land in SecOps it’s handy to know the automation, my next 2 security engineer positions will require automation and other skills. The whole “DevSecOps” thing, they’ll be embedded with a DevOps product team.
Dude literally I was looking for this 2 days ago thinking where the hell I am going to find all the resources for this and voila.. here it is. Yass. Thanks man!
Thx so much. A friend of mine once send me a script that utilizes packer and vagrant to set everything up and I had no idea what it really was doing in the background. It was pretty neat and cool but now I do understand what happens :)
I think it would be also great if you record a video about building a lab on azure or on aws. Not everybody has necessary equipment to build a lab on his own laptop :)
I had windows 10. Following this it installed windows 10 enterprise as my main OS I am so confused. Not sure why this happened can someone help me? Do I just continue using this? The video didn’t say
Thank you so much for this content 🙏 I have a similar base machine , so it is perfect for me to learn 😊First of all, I had to enable 'Virtualization Technology' on my BIOS (I couldn't start the Virtual Machine). If you face the same issues google for "How to Enable virtualization (VT-x) in Windows BIOS?" . Kind regards 🦥
Thanks for making this video and telling us step by step. A question I have - can I put this on a flash drive? If I can, what are the requirements for it to work properly? I have a 128 gb turbo 3.0 usb drive
Thank you Mentor! I was able to setup this lab very easily. The only thing that did not work like in your video was that I did not get any of the computers listed at all on each client after enabling Network Discovery. Does anyone have any idea what could be the cause of that and how to make it work? Thank you!
This worked for me Make sharing services start automatically. Press the Windows logo key + R. In the Run dialog box, type services.msc, and then select OK. Right-click each of the following services, select Properties, if they're not running, select Start, and next to Startup type, select Automatic: Function Discovery Provider Host Function Discovery Resource Publication SSDP Discovery UPnP Device Host
Hello, I really enjoyed your video and had followed through it in setting an AD lab environment for my OSCP preparation. However, I noticed that Overpass the Hash attack simulation is not covered in this lab setup. Do you have any video on that?
This was great but what I always wish to see is a way to set up a test lab that really contains production AD data. I want to be able to attack my current production configuration and data and accounts first before attacking real production servers. The most practical way I can see is to promote a new DC and then cut it off from the production network, then clean up both sides manually by removing the new DC from production with ntdsutil and then remove all DCs except the new one in the lab after seizing the FSMO roles.
if tou can't add the host to the domain, try disable the IPv6 on the host adpter and then what will happen is that you only gonna use the IPv4 DNS of the Windows Server 2016 (The DC), that worked for me. :)
This worked for me Make sharing services start automatically. Press the Windows logo key + R. In the Run dialog box, type services.msc, and then select OK. Right-click each of the following services, select Properties, if they're not running, select Start, and next to Startup type, select Automatic: Function Discovery Provider Host Function Discovery Resource Publication SSDP Discovery UPnP Device Host
When i go to look at my network i cant see the connected computers. Can someone please help and explan what to do, I am completely connected to my domain controller but when i try to see shared files and stuff in the windows explorer i cant find the connected files or pcs
I know this is late but I had the same issue. What worked for me was I typed services, find Function Discovery Resource Publication, double click on it and select Automatic for startup type. Do this for the connected computers and reboot them all. Mine showed right up after.
@@bubbaboy1830 You sir, deserve an award for this. Quite a few people out here in the comments with the exact same problem, yet I stumbled across your comment and got it to work. Thank you
I noticed that there is no internet in my VM. why ? I checked every possible thing but still could not figure what is wrong and why does it show No internet. Any help will be appreciated.
please help i successfully added THEPUNISHER but how cani add spiderman to server i mean i logged and try all account pparker but in management the pparker not showing please help
Hey guys, Just wanted to ask what are the apps that can be integrated in active directory that you guys always encountered? For instance, SharePoint. I am trying learn how to setup these apps after setting active directory up.
Awesome video. Can you do a few videos pentesting thin clients? Or at least show us the methodology to pentest a thin client. Whichever works fine. Keep up the good work.
I would like to suggest/request a video in which you explain how to perform a real web application penetration test, like how do you test everything in a web app (all test for every parameters? Or focus on something?) and Things like that. Is that possible?
Thanks for the this awesome video, but i have a little challenge. i have the DC and a Win10 running as described in the video, but when i turn on network discovery, i see the DC under network instead of the WIN10 please what i'm i missing?
hi I have a question about the hacking client. I saw a lot of demo before, why you use kali linux instead of other version such as redhat ? Is that any specialization for kali linux?
Hey dude, great video... I built a AD/DC lab a while back and wish this video was out then! I had few questions about your course, if you ever have a bit of free time, I'm on Twitter (same handle).
I am encountering an error when trying to configure AD CS. When I click the flag and "!" notification at the top I am unable to click the next button and the "Credentials" field does not allow me to input any characters like MARVEL\Administrator. Working via Macbook Pro via VMWare Fusion. Any help is appreciated :
Building a lab is something that has to be permanent if people want to use it for a long time ... here u just say take the demo and evaluation iso of Windows Server 2019 ... u should add in your video :" U have to buy a licence if u want an everlasting lab" .. I dont know much people who can afford this just for the sake of a training lab
This video seems a little silly. The vulnerabilities here would be very difficult to find in the wild. For example, I set up my Active Directory environment using a tutorial with Josh Madakor and it didn't cover anything security related, yet to enable Network Discovery I STILL have to have elevation privileges. Also, as you mentioned, having a service account is a big no no and 99% of network admins are going to know this.
@@TCMSecurityAcademy Oh... In that case, my apologies. I really thought most if not all modern day networks would be configured more tightly. Do you see users who've been able to turn Network Discovery on as well in your work? It seems AD is preconfigured to stop that from happening.
When I do the step with the cmd prompt after making the SQLServer error, I get this error FindDomainForAccount: Call to DsGetDcNameWithAccountW failed with return value 0x0000054B Unable to locate account SQLService
![[Attack]tive Directory: Compromising a Network in 20 Minutes Through Active Directory](http://i.ytimg.com/vi/MIt-tIjMr08/mqdefault.jpg)
![[Attack]tive Directory: Compromising a Network in 20 Minutes Through Active Directory](/img/tr.png)
I hope you enjoyed this video! If so, please consider dropping a like and subscribing.
I have a question, are the machines all in the same network or?
@The Cyber Mentor, I am not getting the device as punisher and rather it is showing some "DESKTOP-xxxx" format name. I have looked up pretty much everywhere for the solution but I am unable to find something. Can you tell me sir, why it is so? For ref: 44:37
Great content mate 👏, but I'm experiencing a problem with launching multiple VMware in workstation 17 version, which is affecting DNS server connection between 2 workstations using domain name connection...
I'm forced to suspend or power off 1 workstation to access the other, any suggestions
New virtual machine and open new window in file menu is disabled in vmware workstation 17, any suggestions,?
From ur udemy course to ur stream to ur youTube vid..... Been hearing u all day😂..... Keep up the great work
This is brilliant! Coincidentally, I just installed windows server 2019 today after reading about building a lab in The hacker playbook 2. This video is what I needed to set it up! Thanks!
My head is buzzing, too much new info for me and yet I'm starting this video.
Thanks for this channel!
Coming back to this a little while later because I had some stuff come up. On virtual box you cannot have your server on nat or you will not be assigned a public IP. You need to put your DC in bridged mode. The workstations can stay in NAT
On virtualbox configure an internal network, put a firewall (I use pfsense) in place with two interfaces, one on your internal network and one bridged. Set the firewall as the gateway. Turn off DHCP, DNS, turn on DNS forwarding, configure the DNS servers on your internal boxes to use your DC as the primary DNS server, listing the firewall as your secondary DNS server.
Now you have an actual firewall in-between your lab and your network, so you can emulate a properly segmented network (put a deny rule in place for outbound traffic, configure squid proxy, hook it up to your ldap server for Auth if you like, configure proxy via gpo from the DC) or if you just want your lab to use it's own DHCP, DNS, etc but don't want to restrict outbound comms, don't worry about adding the additional rules.
First comment is correct on a desktop. My laptop worked just fine and I didn’t have to do what the second commenter said. Maybe because my desktop isn’t wireless and my laptop is ? Just curious
Thank you.
bro, the support this channel deserves is invaluable, keep it real! we all love to be here for the first time! you 're just a good man sir!! All the respect!
Just bought the course I hope this will shape my confidence and reduce my stress towards landing a job and any where
You got a new subscriber. Thank you for putting this video about AD . This will help me big time when setting up AD infrastructure.
Yes... TCM This lab I have been extremely excited to get to! Great Job.
Check out the DanderSpritz Lab, it’s a full lab build, fully automated, and has all the ShadowBrokers tools built in.
Will check it out! Automation is nice, but it helps to know how to do this from a manual perspective as well for learning purposes. Once you know it, I fully agree on the automation piece. Super convenient.
If they land in SecOps it’s handy to know the automation, my next 2 security engineer positions will require automation and other skills. The whole “DevSecOps” thing, they’ll be embedded with a DevOps product team.
Dude literally I was looking for this 2 days ago thinking where the hell I am going to find all the resources for this and voila.. here it is. Yass. Thanks man!
Thx so much. A friend of mine once send me a script that utilizes packer and vagrant to set everything up and I had no idea what it really was doing in the background. It was pretty neat and cool but now I do understand what happens :)
I really like how you share your knowledge! One of the best sources for beginners with some basic knowledge.
I think it would be also great if you record a video about building a lab on azure or on aws. Not everybody has necessary equipment to build a lab on his own laptop :)
But it would be legal to do in it and we can use it as lab
No equipment is needed... just a laptop.
For virtualbox-user falling down at 41:00 -> use network bridge
how !
@@redxroomie in the config
@@redxroomie in the config
This was maybe the most helpful video Ive ever seen on AD, thank you so much. Subscribed forever
This is great, I was doing some research on abusing S4U but wanted to get hands on, and your video is brand new. Thanks!
finally a lab setup that works Great!
Thank you so much
I will buy your videos from udemy to support you and Keep up your great job 👍
thank u! best video about windows ad lab setupping on yt
Nicely Explained ..... Very Helpful
I had windows 10. Following this it installed windows 10 enterprise as my main OS I am so confused. Not sure why this happened can someone help me? Do I just continue using this? The video didn’t say
Missed the Udemy by 3 years is the course available somewhere else?
Thank you so much for this content 🙏 I have a similar base machine , so it is perfect for me to learn 😊First of all, I had to enable 'Virtualization Technology' on my BIOS (I couldn't start the Virtual Machine). If you face the same issues google for "How to Enable virtualization (VT-x) in Windows BIOS?" . Kind regards 🦥
im setting this up on vmware esxi everything seems to work but the last part with network discovery and file sharing i cant see the other pc pls help
Thanks for making this video and telling us step by step. A question I have - can I put this on a flash drive? If I can, what are the requirements for it to work properly? I have a 128 gb turbo 3.0 usb drive
Thanks For Your HArd Work Teaching People All This .
Thank you Mentor! I was able to setup this lab very easily. The only thing that did not work like in your video was that I did not get any of the computers listed at all on each client after enabling Network Discovery. Does anyone have any idea what could be the cause of that and how to make it work? Thank you!
Having this same issue.
Same here, anyone come up with a fix
same
This worked for me
Make sharing services start automatically.
Press the Windows logo key + R.
In the Run dialog box, type services.msc, and then select OK.
Right-click each of the following services, select Properties, if they're not running, select Start, and next to Startup type, select Automatic:
Function Discovery Provider Host
Function Discovery Resource Publication
SSDP Discovery
UPnP Device Host
@@Venkman1357 this worked perfectly, thank you!
Excellent course Happy New Year 2020 .In the year 2020 you have to shine like a top Cyber Mentor .I wish you all the best............
This is elite content and you're elite... thanks Heath 😊
Dude thanks. But I wasn’t able to join the domain at this 40:52 point. I’ll figure it out eventually.
Thanks for this great tutorial. I replicate it to set up my own hacking lab 👍
Just a note: When doing this with VirtualBox, I had to choose NAT Network instead of just NAT for computers to join my domain.
you are an angel, i did the whole setup 3-4 times, tried bridged and internal network nothing worked! Thanks a ton
You just saved my life. Thank you infinitely.
Amazing Course content Heath Adams all about active directory
Hello, I really enjoyed your video and had followed through it in setting an AD lab environment for my OSCP preparation. However, I noticed that Overpass the Hash attack simulation is not covered in this lab setup. Do you have any video on that?
This was great but what I always wish to see is a way to set up a test lab that really contains production AD data. I want to be able to attack my current production configuration and data and accounts first before attacking real production servers. The most practical way I can see is to promote a new DC and then cut it off from the production network, then clean up both sides manually by removing the new DC from production with ntdsutil and then remove all DCs except the new one in the lab after seizing the FSMO roles.
Forget about the price, but would there be any benefit of using Windows Server 2019 as your base as opposed to Windows 10 Pro?
This is my question
This was rad...Just spent the afternoon experimenting with it...Thank you.
If nat dont want to work on virtualbox, try bridged folks!
if tou can't add the host to the domain, try disable the IPv6 on the host adpter and then what will happen is that you only gonna use the IPv4 DNS of the Windows Server 2016 (The DC), that worked for me. :)
For some reason when I enable file sharing on both workstations I don't see the device come up under network. Any thoughts?
did you find out why?
@@blah2662 Did you find out why?
@@sharathchandra7862 nope
This worked for me
Make sharing services start automatically.
Press the Windows logo key + R.
In the Run dialog box, type services.msc, and then select OK.
Right-click each of the following services, select Properties, if they're not running, select Start, and next to Startup type, select Automatic:
Function Discovery Provider Host
Function Discovery Resource Publication
SSDP Discovery
UPnP Device Host
Awesome video bro.
As usual awesome work!.
I bought ur course on udemy. Great teacher
Thanks! Also for the other recordings!
Thanks, Cyber OG.
You inspire me man. Thanks for sharing your knowledge
at 44:33 the machine "PUNISHER" pops up. Is this the domain controller? If yes, the name should be "HYDRA-DC" as set before, isn't it?
Yes this is wierd, but my actual real host computer is showing up. Punisher must be his actual PC's name.
awesome content! love what you guys are doing for the hacking community.
So, the dafault configuration is vulnerable for those attacks? You need to harden you AD to prevent hackers use such a simple techniques?
Love your video. Thank you so much.
When i go to look at my network i cant see the connected computers. Can someone please help and explan what to do, I am completely connected to my domain controller but when i try to see shared files and stuff in the windows explorer i cant find the connected files or pcs
I know this is late but I had the same issue. What worked for me was I typed services, find Function Discovery Resource Publication, double click on it and select Automatic for startup type. Do this for the connected computers and reboot them all. Mine showed right up after.
@@bubbaboy1830 You sir, deserve an award for this. Quite a few people out here in the comments with the exact same problem, yet I stumbled across your comment and got it to work. Thank you
@@bubbaboy1830 its working thanks for your guidance
Hello, do u have any tutorial how to work and do any scenario?
great job heath classic well done my firend
I noticed that there is no internet in my VM. why ? I checked every possible thing but still could not figure what is wrong and why does it show No internet. Any help will be appreciated.
Me too
You have to install the windows drivers
Awsome! Worked in Virtual box as well.
please help i successfully added THEPUNISHER but how cani add spiderman to server i mean i logged and try all account pparker but in management the pparker not showing please help
Hey guys, Just wanted to ask what are the apps that can be integrated in active directory that you guys always encountered? For instance, SharePoint.
I am trying learn how to setup these apps after setting active directory up.
thank you so much sir. Great video❤❤ please make more on AD
Enjoying the sharing of information and showing you and this channel much love brother
2:15 that face haha, love your content
haha "It just sounds amazing"
What are good books to start reading on becoming a pen tester? I’m looking toward a career change.
Top notch content keep it coming!
Awesome video. Can you do a few videos pentesting thin clients? Or at least show us the methodology to pentest a thin client. Whichever works fine. Keep up the good work.
Im understanding everything but do I need 4 devices ?
Will you make a video showing how to perform the existing types of attacks?
After creating the lab, what is the next program
I would like to suggest/request a video in which you explain how to perform a real web application penetration test, like how do you test everything in a web app (all test for every parameters? Or focus on something?) and Things like that. Is that possible?
showing some love! about to digest this channel over the next few months. cs grad looking to become an ethical hacker.
Thanks for the this awesome video, but i have a little challenge. i have the DC and a Win10 running as described in the video, but when i turn on network discovery, i see the DC under network instead of the WIN10 please what i'm i missing?
Why did you add an extra drive during the Windows Setup step?
Thank you for this
Your udemy course is just awesome.
will you start any more advance course? if yes.
i can't wait
Really loved your videos bro
Any way to build this on AWS? Or do you have a suggestion on how to do this on AWS?
Using VMware and followed every step, but when I turned on Network Discovery no other computer was displayed. What can I do to fix this? Thank you.
Question sir , how to use the book the Art of Exploitation?? I got it but am to new on this don't got any idea how
Is there a walk through that lab or something like that
Thank you for this video!
Thank you for the video. Enlighting!!! can you set up Local Administrator Password Solution (LAPS) and attack it???
hi I have a question about the hacking client. I saw a lot of demo before, why you use kali linux instead of other version such as redhat ? Is that any specialization for kali linux?
Discount code for keyboard for US only? I get a “code not valid” message 🤔
please when you do a discount for the course in Udemy ?? ( actually the price is 79.99 euro )
can you put this project on your resume?
why does your udemy course not have new year discount?
Very few days left in the discount.
TCM, in this environment use as AD or DC a Metasploitable 3 (win2008) is possible?, because I’ve already an environment like this..!!!
What do you think to do new course for AD only
Dear, is there are another part for that video plz ?
Hey dude, great video... I built a AD/DC lab a while back and wish this video was out then!
I had few questions about your course, if you ever have a bit of free time, I'm on Twitter (same handle).
Thanks chief, this is idea i really like it and love in it
am already take that class
I am encountering an error when trying to configure AD CS. When I click the flag and "!" notification at the top I am unable to click the next button and the "Credentials" field does not allow me to input any characters like MARVEL\Administrator. Working via Macbook Pro via VMWare Fusion. Any help is appreciated :
Building a lab is something that has to be permanent if people want to use it for a long time ... here u just say take the demo and evaluation iso of Windows Server 2019 ... u should add in your video :" U have to buy a licence if u want an everlasting lab" .. I dont know much people who can afford this just for the sake of a training lab
It’s free
setspn not assigning, and it says account not found. help
Awesome, great work!
sir i regularly follow your video to learn cyber securty ,sir i wan,a request you to make video on ios and mac security. thank you
Coupon expired :(
This video seems a little silly. The vulnerabilities here would be very difficult to find in the wild. For example, I set up my Active Directory environment using a tutorial with Josh Madakor and it didn't cover anything security related, yet to enable Network Discovery I STILL have to have elevation privileges. Also, as you mentioned, having a service account is a big no no and 99% of network admins are going to know this.
Literally everything I show in this video we see more often than not. Literally on a pentest this week where service accounts were running as DA.
@@TCMSecurityAcademy Oh... In that case, my apologies. I really thought most if not all modern day networks would be configured more tightly. Do you see users who've been able to turn Network Discovery on as well in your work? It seems AD is preconfigured to stop that from happening.
i am so happy, that you have reached almost 62K. I encourage you brooo :)
So you're giving a "DC" a "Marvel"-theme based name? I like that :D
When I do the step with the cmd prompt after making the SQLServer error, I get this error
FindDomainForAccount: Call to DsGetDcNameWithAccountW failed with return value 0x0000054B Unable to locate account SQLService