Out-of-the-Box: NTLM Relaying Low-Privilege HTTP Authentication to LDAP

Out-of-the-Box: NTLM Relaying Low-Privilege HTTP Authentication to LDAP

When operating without credential material abandonment or phishing payloads, you can use low-privilege HTTP authentication in the context of the current user to perform a proxy relay to LDAP, and then execute tools via a SOCKS5 proxy to completely operate outside the host to achieve LDAP-related objectives. Introduction Typically, when operating with command and control … Read more