Attacking Active Directory - GPP Credentials
Group Policy Preferences / GPP can be used to set passwords for local accounts in an active directory environment, among other things. These passwords are stored in a way that any user or machine can retrieve them and decrypt them, resulting in privilege escalation or lateral movement for an attacker. This method is extremely useful for pentesting active directory environments and real world pentesting.
PowerSploit: https://github.com/PowerShellMafia/Po...
Having issues downloading PowerSploit in PowerShell from TLS errors? Try these commands:
1. [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12, [Net.SecurityProtocolType]::Ssl3
2. [Net.ServicePointManager]::SecurityProtocol = "Tls, Tls11, Tls12, Ssl3"
Join my new Discord server: discord.gg/9CvTtHqWCX
Follow me on Twitter for updates: / 0xconda
If you found this video helpful and would like to support future creations, please considering visiting the following links:
Buy Me a Coffee: https://www.buymeacoffee.com/conda
Check out Impacket: https://github.com/SecureAuthCorp/imp...
00:00 What are GPP credentials?
03:48 Lab setup
07:34 Exploiting GPP credentials
#Pentesting #ActiveDirectory
Watch video Attacking Active Directory - GPP Credentials online without registration, duration hours minute second in high quality. This video was added by user Conda 03 January 2022, don't forget to share it with your friends and acquaintances, it has been viewed on our site 9,713 once and liked it 326 people.