Cascade is a Windows machine that just got retired. This had got an active directory which we will try to penetrate in and get the admin privilege. Let’s begin with the nmap scan sudo nmap -sS -sV 10.10.10.182 After doing the map enumeration, I decided to try LDAP enumeration using ldapsearch ldapsearch -x -b “dc=CASCADE, dc=local” -h 10.10.10.182 From this ...