mosler Posted February 25, 2013 Share Posted February 25, 2013 My account on the domain will be a network admin account for 10 minutes, after which it will set be back to a regular user. what can be done/installed to retain as much freedom on the machine as possible. note: any newly created accounts will be noticed, and local admin passwords changed. Quote Link to comment Share on other sites More sharing options...
no42 Posted February 25, 2013 Share Posted February 25, 2013 run WCE (Windows Credential Editor) - to dump domain hashes, and any plain text hashes on a given dc server. Quote Link to comment Share on other sites More sharing options...
ApacheTech Consultancy Posted February 25, 2013 Share Posted February 25, 2013 Dependent on circumstance: Hack the Gibson! Add a couple of 0's to your print credit reference in the database. As said above, dump every password file you can find. Run Metasploit with full admin rights. Change AD group or user policies. Find a user that hardly ever logs on, change their password and then give them Admin rights. Leave a backdoor. Hack naked! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.