3 areas Updated: Let's revisit a finding we discovered during our mapping of attack paths with BloodHound.
...
This is a tool that I recommend you read about and test extensively before trying in the "real world" as we have seen instances where manipulating a GPO has corrupted it until our changes to it could be removed.
...
Since we're in a lab environment and we’ll all be attacking the GPO at the same time, let's play with the --addcomputertask flag, which will cause the machines in the vulnerable GPO (in this case the domain controller of PT-DC01) to fire off a task of our choosing whenever the machine does a group policy update.
7MinSec
commented
1 year ago
3 areas Updated: Let's revisit a finding we discovered during our mapping of attack paths with BloodHound. ...
This is a tool that I recommend you read about and test extensively before trying in the "real world" as we have seen instances where manipulating a GPO has corrupted it until our changes to it could be removed.
... Since we're in a lab environment and we’ll all be attacking the GPO at the same time, let's play with the --addcomputertask flag, which will cause the machines in the vulnerable GPO (in this case the domain controller of PT-DC01) to fire off a task of our choosing whenever the machine does a group policy update.