by tamimio 896 days ago
OK, but it assumes the domain is compromised, as stated in the article, and if the domain controller is compromised, it's game over for connected machines, hence these attacks usually focus on domain admin or schema admin. Edit: it seems the second, non-biometric method doesn't need a domain; it still, however, needs that local access.

> S-1-5-21-505269936…

Kind of off topic, but around 20 years ago, when I had my first portable hard disk, I used this method by creating these types of folders and remembering the number sequence in a creative way to hide my files when traveling/crossing borders, while putting some decoy files in plain sight, before knowing/using data encryption, and it worked. I remember the agent taking my HDD and seeing him going through the decoy files and then returning my HDD normally.

1 comments

Agreed.

> "We recently conducted a penetration test with the goal of compromising the internal network of a client in a Windows environment. As usual, we managed to get administrative access to the domain controller"

This article feels like click-bait, when they buried the lede.