Attacking Active Directory - GPP Credentials
Group Policy Preferences / GPP can be used to set passwords for local accounts in an active directory environment, among other things. These passwords are stored in a way that any user or machine can retrieve them and decrypt them, resulting in privilege escalation or lateral movement for an attacker. This method is extremely useful for pentesting active directory environments and real world pentesting.
PowerSploit: https://github.com/PowerShellMafia/Po...
Having issues downloading PowerSploit in PowerShell from TLS errors? Try these commands:
1. [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12, [Net.SecurityProtocolType]::Ssl3
2. [Net.ServicePointManager]::SecurityProtocol = "Tls, Tls11, Tls12, Ssl3"
Join my new Discord server: discord.gg/9CvTtHqWCX
Follow me on Twitter for updates: / 0xconda
If you found this video helpful and would like to support future creations, please considering visiting the following links:
Buy Me a Coffee: https://www.buymeacoffee.com/conda
Check out Impacket: https://github.com/SecureAuthCorp/imp...
00:00 What are GPP credentials?
03:48 Lab setup
07:34 Exploiting GPP credentials
#Pentesting #ActiveDirectory
Смотрите видео Attacking Active Directory - GPP Credentials онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь Conda 03 Январь 2022, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 9,713 раз и оно понравилось 326 людям.