7MS #729: Pwning Dracarys
Show notes
Hey friends! Still your grieving pal over here, but also your happy hacking host — because today we're diving into baby's first Dracarys! (Yes, I'm probably pronouncing that wrong. Yes, I'm going to keep saying it anyway.)
Quick housekeeping: A few days ago I published a mini-series episode from our How to Secure Your Family During and After a Disaster series, where I shared the news that my dad passed away last Friday. So many of you reached out with condolences — thank you from the bottom of my heart. I'll share a little life update at the end of this episode.
But first — Dracarys! I didn't know it existed until recently. If you knew about it and didn't tell me, I'm mad at you. But we made up. We're friends forever. Here's what we cover:
- What is Dracarys? It's a smaller, CTF-style Active Directory pentesting lab from the same crew that brought us Game of Active Directory (GOAD), GOAD-SCCM, GOAD-Light, and Ninja Hacker Academy. Where GOAD holds your hand through the vulnerabilities, Dracarys and Ninja Hacker Academy take more of a "here's your starting point, now figure it out" approach — which I love.
- The lab setup: One Linux VM, a Windows domain controller, and a Windows application server. Your only hint? Start with the Linux box. That's it. Good luck!
- TuesdayTOOLSday preview: Over on 7MinSec.club, I did a TuesdayTOOLSday episode walking through initial setup — getting your hosts file configured, running a NetExec sweep to map out the attack surface, and doing some light enumeration on that Linux box. No big spoilers, just enough to get your Kali box ready to rock.
- What I've learned since: After the TuesdayTOOLSday recording, I kept digging. My methodology has been: nmap to identify open ports and service versions, then research whether any of those versions have known exploits. Once I spotted an interesting web service, AI pointed me toward FeroxBuster for directory and file enumeration — a tool I hadn't used before but am now a huge fan of. It's fast, configurable, and once I got my scan tuned properly… I found a jewel. That jewel feels like the next step deeper into this lab. More on that in future TuesdayTOOLSday episodes!
- Shameless plug: All of this walkthrough content lives at 7MinSec.club. Subscriptions are free, and subscribing just means you get an email when I publish new content. No spam, no sales pitches — just hacking stuff. (And if you want to financially support the show, there's a paid tier too. Just sayin'.)
- Life update: We've moved into funeral planning mode. My dad, thankfully, had already mapped out his whole service — the pastor, the verses, everything — which has made things a little easier. We're picking photos for a tribute slideshow and I've been asked to share some words and sing a song. The song I chose is "Jesus, Savior, Pilot Me" — which my dad once described as "that song about Jesus flying airplanes." (He wasn't wrong. Sort of.) I've been practicing it all week and can barely make it through verse two. Prayers, good vibes, and a large supply of Kleenex would be appreciated.
Again, you can find the Dracarys lab here. And if you're not already on 7MinSec.club, come hang out — that's where the deeper dives live.