Forest
Forest
Forest 212
Forest
RETIRED MACHINE

Forest

Forest - Windows Windows
Forest - Easy Easy

4.6

MACHINE RATING

19605

USER OWNS

15330

SYSTEM OWNS

12/10/2019

RELEASED
Created by egre55 & mrb3n

Machine Synopsis

Forest in an easy difficulty Windows Domain Controller (DC), for a domain in which Exchange Server has been installed. The DC is found to allow anonymous LDAP binds, which is used to enumerate domain objects. The password for a service account with Kerberos pre-authentication disabled can be cracked to gain a foothold. The service account is found to be a member of the Account Operators group, which can be used to add users to privileged Exchange groups. The Exchange group membership is leveraged to gain DCSync privileges on the domain and dump the NTLM hashes.

Machine Matrix

Ready to start your
hacking journey?