<aside> 📌 Summary
</aside>
ldapdomaindump ldaps://192.168.138.136 -u 'ORB\\lkisaka' -p Password1 -o orb.local
ladps://<DC IP>-u: Domain user-p: Password of the domain user-o: Output folder (optional)
Inside the output folder, we can see a lot of files. Inside them, we can see a lot of information.
In this way, we can look at the computers of the domain, at the domain trust with others or even at the users.
firefox ./domain_users_by_group.html
This file shows all the users by group. Inside it, we want to know a few things.
First, let’s look at our targets, we might know one or two users, but we should focus on Domain Administrators or Enterprise Administrators.
Moreover, we can take a deeper look at the user trying to find information inside descriptions and groups.
