timwhitez starred adduserbysamr-bof
2023-2-1 15:13:5 Author: github.com(查看原文) 阅读量:33 收藏

Cobalt Strike BOF that Add a user to localgroup by samr.

Build

git clone https://github.com/AgeloVito/adduserbysamr-bof.git
make

And load adduserbysamr.cna

Usage

beacon> help adduserbysamr
Use: adduserbysamr [username] [password] [groupName]
e.g: adduserbysamr sysadmin [email protected]
     adduserbysamr sysadmin [email protected] Administrators
     adduserbysamr sysadmin [email protected] "Remote Desktop Users"

Add a user to localgroup by samr, groupName is "Administrators" by default, do not use it at AD.

image

image

Refence

https://loong716.top/posts/MS_SAMR_Tips/

https://idiotc4t.com/redteam-research/netuseradd-ni-xiang

https://learn.microsoft.com/zh-cn/windows/win32/secmgmt/built-in-and-account-domains


文章来源: https://github.com/AgeloVito/adduserbysamr-bof
如有侵权请联系:admin#unsafe.sh