center-for-threat-informed-defense / adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
https://ctid.io/adversary-emulation
Apache License 2.0

Carbanak procedures 10.A.4 needs elevated privilege #86

Open minjimwu opened 3 years ago

minjimwu commented 3 years ago

Hi, I tried to run the Carbanak procedures in my lab. When I executed the Metasploit module "post/windows/manage/run_as" in step 10.A.3, it seemed it didn't have enough permission to change the firewall settings.

kmitnick is a domain admin, and I also confirmed that the Domain Admins group is in the local Administrators group (cfo). As far as I know, the Metasploit run_as module doesn't include a feature to bypass UAC.

May I ask why the kmitnick account should have high enough privileges to change the firewall settings? Should I change any policy in Windows before I run the script?
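A diagnostic a practitioner would run inside the session that run_as spawned, to tell a UAC-filtered token apart from an elevated one and to see which UAC policy values are in force. This is an added example; it is not part of the issue thread or of the adversary_emulation_library, and it assumes an English-language Windows host with PowerShell 3 or later (the function names are the example's own).

```powershell
# Added diagnostic; it is not part of this issue thread or of the adversary_emulation_library.
# Assumes an English-language Windows host with PowerShell 3 or later, run inside the
# session that run_as spawned, so the token it inspects is the one the failing step used.

function Test-TokenElevated {
    # Under UAC, an account in Administrators gets a filtered (medium-integrity) token
    # unless the process was started elevated. In the filtered token the Administrators
    # SID is marked deny-only, so IsInRole(Administrator) returns $false.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-TokenIntegrityLabel {
    # whoami lists the mandatory label as a group, e.g. "Mandatory Label\High Mandatory Level".
    # Medium means a filtered token; High means an elevated one.
    foreach ($line in (whoami /groups)) {
        if ($line -match 'Mandatory Label\\(\w+) Mandatory Level') { return $Matches[1] }
    }
    return 'Unknown'
}

function Get-UacPolicy {
    # UAC policy values as applied by Group Policy or local security policy.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p = Get-ItemProperty -Path $key
    [pscustomobject]@{
        EnableLUA                     = $p.EnableLUA                      # 1 = Admin Approval Mode on
        ConsentPromptBehaviorAdmin    = $p.ConsentPromptBehaviorAdmin     # 0 = elevate silently
        FilterAdministratorToken      = $p.FilterAdministratorToken       # built-in Administrator (RID 500) only
        LocalAccountTokenFilterPolicy = $p.LocalAccountTokenFilterPolicy  # network logons of local accounts only
    }
}

function Get-FirewallProfileState {
    # Read-only query that works from either token; only writes (netsh advfirewall set ...)
    # require the elevated token.
    return ((netsh advfirewall show allprofiles state) -join "`n")
}

function Invoke-UacDiagnostic {
    [pscustomobject]@{
        User           = [Security.Principal.WindowsIdentity]::GetCurrent().Name
        TokenElevated  = Test-TokenElevated
        IntegrityLabel = Get-TokenIntegrityLabel
        UacPolicy      = Get-UacPolicy
        FirewallState  = Get-FirewallProfileState
    }
}

Invoke-UacDiagnostic | Format-List
```

If TokenElevated is False and IntegrityLabel is Medium even though the account is in the local Administrators group, the process holds the UAC-filtered token, and a firewall change will be denied regardless of Domain Admins membership. EnableLUA = 1 corresponds to the "User Account Control: Run all administrators in Admin Approval Mode" policy; changing it takes effect only after a reboot.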