Austrian Institute of Technology Active-Directory pentesting p2
Austrian Institute of Technology Active-Directory pentesting
2025-03-08 00:00 +0000
This research details the findings of a comprehensive Active Directory penetration testing engagement conducted across a series of prepared testing laboratories representing AIT’s infrastructure. The objective was to assess the security posture of the Active Directory environment and identify potential vulnerabilities exploitable by malicious actors.
The penetration testing methodology focused on simulating real-world attack scenarios, utilizing a combination of automated tools and manual techniques. The assessment revealed several critical vulnerabilities within the Active Directory environment, specifically:
Passwords in AD Description:
The testing identified instances where sensitive password information was inadvertently stored within Active Directory description fields. This presents a direct risk of credential exposure to attackers who gain even limited access to the AD environment.
Password Spraying Attack:
The research confirmed the vulnerability of the environment to password spraying attacks, indicating that accounts with weak or commonly used passwords were susceptible to compromise. This highlights a failure in password complexity enforcement.
LLMNR and NBT-NS Poisoning:
Exploitation of LLMNR and NBT-NS poisoning was successful, demonstrating the potential for attackers to intercept and manipulate network traffic. This vulnerability allows for credential theft and man-in-the-middle attacks, enabling unauthorized access to sensitive resources.
Weak Domain Password Policy:
The testing revealed that the domain password policy was insufficiently robust. This allowed for the use of weak passwords, significantly increasing the risk of successful brute-force and password spraying attacks.
NOTE:
For a few vulnerabilities I received direct support from the AIT pentesting team.
Technical proof of concept:
This research provides a valuable foundation for the Austrian Institute of Technology to strengthen its security posture and protect its critical assets.