Collaborate Disseminate
In terms of best practices, which one is recommended:
Multiple service accounts with domain admin privileges
One service account with domain admin privileges
Continue reading Is it better to have one or multiple domain admin accounts? [closed]
As part of a challenge, I need to access a file which is owned by BUILTIN\Administrators on a DC.
I mounted the C$ share from another workstation, with the domain account I have, unfortunately I receive access denied when I attempt to acce… Continue reading Access file owned by BUILTIN\Administrators
At work, our developers are local administrators on their Windows 10 machine. This is risky since we want to somewhat mitigate risks such as drive-by-download, but we also want productivity and some degree of freedom so we don’t want to fo… Continue reading Set up Developers with separate local admin accounts [migrated]
I am a low-level system administrator for a new college Learning Management System, or LMS.
(An LMS is the platform used by professors to post their syllabi, lecture notes, assignments, grades, announcements, etc.)
I do no… Continue reading Can (or should) a system admin test a login before sending login info to users?
Imagine having access to a workstation with local admin permissions.
Let’s say that no domain user is going to login – no keylogging.
Also, the workstation had a restart – mimikatz return only computer account cred.
What is… Continue reading Preferred way of getting domain admin after client workstation local admin owned
This week, a tool that finds vulnerable robots on the internet, a new exploit that threatens over 9,000 Cisco Routers, apple turns of group FaceTime after an eavesdropping bug, wordpress sites under attack via Zero-Day in abandoned plugin, and Open… Continue reading OpenBMC, Cisco Routers, & Abusing Exchange – Hack Naked News #205
At my workplace, users on most workstations (Win7 and 10 blend) do not have local admin rights. As a technical team we often need this for software installs, and so the director gets called around to enter credentials. Not on… Continue reading My boss installs software using domain admin. Should I show that this is bad?
I’ve compromised a Windows machine that leaks the password of a privileged service account (“Domain Admin”) in memory (legal penetration test).
Since the account is a service account, it cannot be used to log into the machin… Continue reading How to run command as privileged Windows service account against Active Directory domain controller?
Say you have this:
An NPS server that grants access to users using client certificates (EAP-TLS).
So say someone managed to snatch the domain administrator’s password. So he logs into the computer using the domain Administ… Continue reading Is there a more secure way for users to log into the domain other than just passwords?
Say you have this:
An NPS server that grants access to users using client certificates (EAP-TLS).
So for example someone managed to snatch the domain administrator’s password and they log in to the computer using the domai… Continue reading Is there a more secure way for users to log into the domain other than just passwords?