This will be short and sweet and I only post it because it’s hard to find via google but should be base knowledge for any hacker. SysInternals is your friend. If it’s on the box or you can drop it there it gives pretty complete control at a very granular level. Even if you drop […]
On a recent hacking challenge I was presented with a privesc scenario where I had already compromised a low privileged user with the tools available in Impacket. The user (a service account) had access to winrm and therefore had a semi-functional shell but no access to rdp or smb shares. The network had a default […]
