I recently came across a peculiar scenario that caused me to have to think a little outside the box. I was able to obtain credentials for an account that was part of the “Account Operators” group. Here is Microsoft’s description of that group: The Account Operators group grants limited account creation privileges to a user….
n00py Blog- Bypassing Amazon Kids+ Parental Controls
- Bypassing Okta MFA Credential Provider for Windows
- CactusCon 2023: BloodHound Unleashed
- Exploiting Resource Based Constrained Delegation (RBCD) with Pure Metasploit
- Practical Attacks against NTLMv1
- Password Spraying RapidIdentity Logon Portal
- Manipulating User Passwords Without Mimikatz
- Unauthenticated Dumping of Usernames via Cisco Unified Call Manager (CUCM)
- Adding DCSync Permissions from Linux
- Resetting an Expired Password Remotely