Vulnlab | Baby2 - Logon Scripts, WriteDACL, Shadow Credentials & GPOs
Вставка
- Опубліковано 5 сер 2024
- This video is a walkthrough on Baby2, a vulnerable machine on Vulnlab that involves Password Spraying, Logon Scripts, WriteDACL, Shadow Credentials & GPOs.
[ Timestamps ]
00:00 - Intro & General Enumeration
01:28 - Password Spraying
02:34 - Bloodhound & modifying a logon script
06:57 - Shell & more Bloodhound
09:07 - WriteDACL & Shadow Credentials
12:35 - GPOs
[ Pentesting & Red Teaming Labs ]
• vulnlab.com
[ Discord ]
• / discord
[ Desktop ]
• github.com/xct/kali-clean
• www.yuumeiart.com/
[ About ]
• vulndev.io
• / xct_de
• github.com/xct
This is purely educational content - all practical work is done in environments that allow and encourage offensive security training.
👏 great video as always
you inspire me so much❤
The king of hacking!!!! Greetings boss! ❤
Hi xct, thanks for another awesome video. I wanted to mention that the newest version of bloodhound that's hosted in docker has a feature where you can ignore suggested edges, so with it you could just turn off the rdp branch to see if bloodhound has any other suggestions for owning the high value target with the Amelia account. Happy hacking 🎉
Which theme are you using for vscode? This looks very nice.
Hi xct, for cleanup purposes, do you happen to know if the created scheduled task from pygpoabuse is deleted afterwards? Also, in a real world scenario, would this scheduled task run on every machine that the gpo applies to?
xct, ipp and ÁUß