In order to provide a PoC that non-administrative access still can result in huge data breaches I present to you
The Hidden PP Attack
A one liner PoSh command that can be executed from a Teensy/Rubber Ducky which leaves the machine open to injections of PoSh code remotely. Quite happy with this project so I thought id drop it here. Ive lurked remotely without an account for some time without contributing, so... here you are
https://simpleinfosec.com/2018/01/09/the-hidden-pp-attack-a-non-administrative-remote-shell-for-data-exfiltration/
https://github.com/secsi/HIDdenPPAttack