Oddvar Moe
Added AllExtendedRights to computers even if LAPS is not installed in the environment.
https://twitter.com/Hexacorn/status/1357997809207803906 https://twitter.com/infosecn1nja/status/1358250898191835136 https://twitter.com/Hexacorn/status/1358074716146302976
Split commands into command, argument structure, and example. i.e. Command: cmstp.exe; ArgStructure: /ini /s ; Example: cmstp.exe /ini /s c:\cmstp\CorpVPN.inf
[ ] Provide the project in DB format (sqlite)
Add a GUID field on every YAML file, making sure every one has a unique identifier. Can use new-guid in PowerShell for instance...
Specific tags/labeling for specific capability caveats, for example an App Whitelist bypass that works on AppLocker & Solidcore could carry tags for each product
Add information about the privileges required. For instance, does it require admin access or not.
Rpcchangepwd can be used to change account passwords over MS-RPC instead of using smbpasswd. Blog post here with more details about the usage: https://www.trustedsec.com/blog/diving-into-pre-created-computer-accounts/
You get this error message: /usr/lib/python2.7/dist-packages/requests/__init__.py:91: RequestsDependencyWarning: urllib3 (1.25.6) or chardet (3.0.4) doesn't match a supported version! RequestsDependencyWarning) The fix for me was to run the following command: pip install...
Investigate if there are better ways to figure out if a folder is writeable or not in Constrained Language Mode.