LDAP
We will show how we can gather LDAP information manually and with tools.
Tools
ldapsearch
ldapsearch -H ldap://10.10.10.100/ -x -s base namingcontextsldapsearch -H ldap://10.10.10.100/ -x -b "DC=HTB,DC=LOCAL" > ldapOut.txtldapsearch -H ldap://10.10.10.100/ -x -b "CN=USERS,DC=HTB,DC=LOCAL" > ldapUsers.txtldapsearch -H ldap://10.10.10.100/ -x -b "DC=HTB,DC=LOCAL" '(objectClass=Person)'netexec
nxc ldap 10.10.10.100 -u 'cub3' -p 'password' --usersnxc ldap 10.10.10.100 -u 'cub3' -p 'password' --groupsLast updated