TryHackMe BLIND Walkthrough! -- SoupeDecode Part 1

I'm taking a page out of Tyler Ramsbey's book and doing this TryHackMe Active Directory machine completely blind! Enjoy the ups, downs, and everything in between as I tackle SoupeDecode with no preparation. Resources: TryHackMe Room: https://tryhackme.com/room/soupedecode01 My Github: https://github.com/NTHSec/ My Medium: https://medium.com/@NTHSec -------------------------------------------------------------------------------------------------- Time Stamps: 0:00 - Intro 2:00 - Starting Enumeration w/ nmap 4:00 - Starting anonymous SMB enumeration (null auth & Guest). Using Guest authentication to grab a user list 6:00 - Organizing the user list with grep and cut 8:00 - Seeing if I can do anything anonymously with LDAP 10:45 - Seeing if the IPC$ share has anything 12:00 - Attempting additional attacks with Guest access (asreproasting, null passwords, ldap enumeration, etc.). 18:50 - Attempting to spray passwords against the user list using kerbrute 21:00 - Ditching kerbrute in favor of netexec's --no-brute option to test domain usernames as passwords for all users 26:00 - Finding a valid user! 28:30 - Outro for part 1