Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enhancement: --Add Local Admin User Change #11

Open
jstigerwalt opened this issue Oct 23, 2020 · 2 comments
Open

Enhancement: --Add Local Admin User Change #11

jstigerwalt opened this issue Oct 23, 2020 · 2 comments

Comments

@jstigerwalt
Copy link

The way the admin user is added should be changed to create a group and add the user of choice into this group, then assigning the group to the local administrators.

I have only done testing around adding a user into an already created AD group, and then assigning that group to a GPO to gain access to domain controllers and servers. The current way is dangerous and will remove all previous users from the administrators group.

Using this option in an engagement is impossible due to the nature of being detected by removing admins from servers administrators group.

@Pyro57000
Copy link

Just ran into this myself. Conducting a pentes I found a GPO that authenticated users had write access to that was gplinked to the Domain Controller OU. Adding my initial breach user as a local admin kicked all domain admins out. If changing this behavior is not going to happen the documentation should be updated to reflect what is happening so that people know the implications of the attack.

@Anon-Exploiter
Copy link

++

Currently the Local Admins group is overwritten which is really bad lol

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants