Information for Users
1. Disclaimer: The author of this tutorial and related participants will not be held responsible for any direct or indirect use of the content of this tutorial for any form of loss or damage, including but not limited to loss of data, system damage, personal privacy leakage or economic loss. All individuals or organizations using the content of this tutorial do so at their own risk.
Detailed Disclaimer
copyright statement
communication group
Original tutorial
preamble
1. More tutorials please see the original tutorials (tutorials from the public hao, such as the following tutorials have errors, welcome to the exchange group feedback while moving public hao)
2. If you do not understand the problem, welcome to the exchange group to discuss and learn from each other!
3. Tutorials used in the resources are in the public hao-> resources to obtain-> Baidu.com disk
intranet penetration
- Intranet framework construction
- Information gathering: understanding the target network architecture and authority distribution
- Proxy Tunneling: Addressing Restrictions on Outbound Networking and Communication in Intranet Domains (emphasis added)
- Lateral movement: Expanding the effect by exploiting loopholes and passwords
- Privilege maintenance: implantation of backdoors or tickets, etc. for subsequent control
Basic process of intranet penetration
Computer Requirements
≥16G RAM Solid State Drive ≥512G
Recommended:32G and 1T
Intranet Environment Basics
workgroup
In computer networks, a workgroup is a simple network configuration in which computers are peer-to-peer with no centralized control.
In general, workgroups are a suitable setup for small and simple networks, but for larger or networks that require centralized management and control, it can be
can require the use of other network configurations, such as domains.
specificities
Peer-to-peer network No centralized authentication Simple setup Suitable for small networks Security Resource sharing
colloquial speech
In order to facilitate, divided into several working groups, otherwise the number of people is not good management, the technical department under the Ministry of Technology, the Department of Criminal Investigation Department under the Ministry of Administration
intranet domain
A domain is a network model in which one or more computers (called domain controllers) are responsible for managing the entire network. It is a combination of computers with security boundaries (users in one domain cannot access resources in another)
, resources within the domain are controlled by a single domain controller (controlled by the DC)
categorization
- single domain
In a network environment with only one domain, the minimum configuration is to have a DC. - father and son domains
Direct image representation
Note: A subdomain can only use the name of the parent domain as the domain suffix.
- Sino-Forest
A collection of multiple domain trees composed by establishing trust relationships.
Note that each domain, the domain name is not the same, I here for the convenience of direct paste, three domain names can be, the sub-domain is also inherited root domain name
Comparison of workgroups and intranet domains
Workgroup members, each to their own, domains are governed by dc.
It should be noted that the dns and dc in the same server, to facilitate the dc management of network traffic
Deploying a single domain environment
win10(PC-1)、win7(PC-2)、win2008(WEB )、win2016(DC)
Mirror download address./(also available on my baidu.com)
After the installation is complete
Turn off the firewall, change the computer name, configure the network.
win2016
See which segment the IP is on
Set IP
Set the IP to be configured
192.168.111.140 DC
192.168.111.141 WEB
192.168.111.139 PC-1
192.168.111.138 PC-2
The rest of the dns will be changed to 192.168.111.140, IP changed to the above corresponding to can be
Installation of Domain Control
Operating on win2016
Then the next step keeps installing
Anything without a screenshot is the next step
Direct Installation
Reboot after installation is complete
New User
Corresponding account password
WEB wlxq@
PC-1 wlxq@
PC-2 wlxq@
In 2016
After adding these three users
Other host operations
It's all similar steps
final result
Logging in as a domain user
Execute the following command
net user /domain
net time /domain
ping
If you don't understand anything, you can discuss it in the exchange group.