Ldapdomaindump

Overview

Ldapdomaindump works by connecting to the LDAP server/Domain Controller and querying it for information about users, groups, etc. It takes the server's responses and writes them out in a readable format.

Impacket-ntlmrelayx runs this tool automatically by default, but if the IPv6 DNS Takeover attack didn't work, there is a manual way of running it.

Domain Enumeration

sudo ldapdomaindump ldap://192.168.1.129 -u 'PNPT\greg' -p 'Password1' 
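
Reviewing the dump for weak account settings, as an added example that is not part of the original page or of the ldapdomaindump project. It assumes the user dump is a JSON list of entries, each with an "attributes" object mapping attribute names to value lists (for example a domain_users.json file); that layout, the helper names and the sample records are assumptions and constructed data.

```python
import json

# userAccountControl bit flags (values documented by Microsoft)
UAC = {
    "ACCOUNTDISABLE": 0x0002,
    "PASSWD_NOTREQD": 0x0020,
    "DONT_EXPIRE_PASSWORD": 0x10000,
    "DONT_REQ_PREAUTH": 0x400000,
}
RISKY = ("PASSWD_NOTREQD", "DONT_EXPIRE_PASSWORD", "DONT_REQ_PREAUTH")


def first(attrs, name):
    """Return an attribute's first value; values may be lists or scalars."""
    value = attrs.get(name)
    if isinstance(value, list):
        return value[0] if value else None
    return value


def audit_users(entries):
    """Map sAMAccountName -> risky UAC flags, for enabled accounts only."""
    findings = {}
    for entry in entries:
        attrs = entry.get("attributes", {})
        name = first(attrs, "sAMAccountName")
        uac = first(attrs, "userAccountControl")
        if name is None or uac is None:
            continue  # incomplete record, nothing to evaluate
        uac = int(uac)
        if uac & UAC["ACCOUNTDISABLE"]:
            continue  # disabled accounts are skipped
        flags = [f for f in RISKY if uac & UAC[f]]
        if flags:
            findings[name] = flags
    return findings


# Constructed sample in the assumed layout; not output from a real domain.
SAMPLE = json.loads("""[
 {"attributes": {"sAMAccountName": ["alice"], "userAccountControl": [66048]}},
 {"attributes": {"sAMAccountName": ["bob"], "userAccountControl": [512]}},
 {"attributes": {"sAMAccountName": ["svc_backup"], "userAccountControl": [4260352]}},
 {"attributes": {"sAMAccountName": ["old_admin"], "userAccountControl": [66050]}},
 {"attributes": {"sAMAccountName": ["broken"]}}
]""")

if __name__ == "__main__":
    for user, flags in audit_users(SAMPLE).items():
        print(f"{user}: {', '.join(flags)}")
```

Accounts it reports are candidates for remediation: enforce password expiry, require Kerberos pre-authentication, and clear PASSWD_NOTREQD.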
