Enumerate Entra ID

Find the Entra ID synchronization server

If Entra ID is deployed in Active Directory with cloud sync active, the MSOL account is a high value target, due to its default configuration of having DCSync privileges. This MSOL account can be extracted from a local database on the sync server. To find the Entra ID sync server you can use the NetExec module `entra-id`:

nxc ldap <ip> -u user -p pass -M entra-id

PreviousEnumerate SCCM NextPassword Spraying

Last updated 7 minutes ago

Was this helpful?