Penetration Testing · Threat Assessment

Penetration Testing – The Masked DJ's Infrastructure

Penetration Tester · Nov – Dec 2024

Overview

A structured penetration test of a hybrid infrastructure including Active Directory and web servers. The engagement focused on identifying exploitable paths from network reconnaissance to root-level system compromise, then translating findings into a prioritized remediation report.

The Challenge

The target environment had a mix of Windows AD infrastructure and Linux web servers — both internet-facing with legacy configurations. The challenge was to find the attack chain from external access to full AD compromise within the scope of the engagement.

The Solution

Ran Nmap for service discovery and OS fingerprinting. Identified misconfigured SMB shares and weak NTLM hashes via Impacket. Exploited EternalBlue (MS17-010) to achieve root on the AD domain controller. Pivoted to web servers using captured credentials and AWS CLI misconfiguration. Delivered a full report covering root cause, exploit chain, and prioritized remediation.

Tech Stack

  • Nmap: Network discovery, service enumeration, OS fingerprinting
  • Impacket: SMB/NTLM attacks and lateral movement
  • Metasploit + EternalBlue: MS17-010 exploitation for AD root access
  • AWS CLI: Cloud credential abuse and IAM misconfiguration exploitation

Outcomes

  • Root access achieved on Active Directory domain controller via EternalBlue
  • Web server compromise via credential reuse from AD hash extraction
  • 3 critical findings: EternalBlue, misconfigured SMB, weak credentials
  • Remediation report delivered covering MFA enforcement, network segmentation, and patch management