Comment on page

Post-Exploitation

Enumerate RDP Users Group
Get-NetLocalGroupMember -ComputerName ACADEMY-EA-MS01 -GroupName "Remote Desktop Users"
Enumerate WinRM Group
Get-NetLocalGroupMember -ComputerName ACADEMY-EA-MS01 -GroupName "Remote Management Users"
SQL Server
# Import Module
Import-Module .\PowerUpSQL.ps1
​
# Enumerate SQL Instance
Get-SQLInstanceDomain
​
# mssqlcient
 mssqlclient.py INLANEFREIGHT/DAMUNDSEN@172.16.5.150 -windows-auth
​

Bleeding Edge Vulnerabilities

Access Control Lists and Entries (ACL & ACE)

Last modified 5mo ago