Tag: Esentutl

Jan 03

How Attackers Dump Active Directory Database Credentials

I previously posted some information on dumping AD database credentials before in a couple of posts: “How Attackers Pull the Active Directory Database (NTDS.dit) from a Domain Controller” and “Attack Methods for Gaining Domain Admin Rights in Active Directory“. This post covers many different ways that an attacker can dump credentials from Active Directory, both …

Continue reading »

Nov 06

How Attackers Pull the Active Directory Database (NTDS.dit) from a Domain Controller

I performed extensive research on how attackers dump AD credentials, including pulling the Active Directory database (ntds.dit) remotely. This information is covered in two newer and greatly expanded posts: How Attackers Dump Active Directory Database Credentials Attack Methods for Gaining Domain Admin Rights in Active Directory   The original post data follows: How Attackers Pull …

Continue reading »