SpecterOps вновь публикует интересный ресерч. Если кратко, то рассмотрены способы получения учетных данных для NAA (учетная запись доступа к сети) с Windows машин, если они были клиентами SCCM.
https://posts.specterops.io/the-phantom-credentials-of-sccm-why-the-naa-wont-die-332ac7aa1ab9
#ad #redteam #pentest #sccm #creds
https://posts.specterops.io/the-phantom-credentials-of-sccm-why-the-naa-wont-die-332ac7aa1ab9
#ad #redteam #pentest #sccm #creds
Medium
The Phantom Credentials of SCCM: Why the NAA Won’t Die
TL;DR — Stop Using Network Access Accounts!
This media is not supported in your browser
VIEW IN TELEGRAM
Ещё один пост SpecterOps про компрометацию SCCM
https://posts.specterops.io/sccm-hierarchy-takeover-with-high-availability-7dcbd3696b43
#ad #sccm #pentest #redteam
https://posts.specterops.io/sccm-hierarchy-takeover-with-high-availability-7dcbd3696b43
#ad #sccm #pentest #redteam
Medium
SCCM Hierarchy Takeover with High Availability
TL;DR: SCCM sites configured to support high availability can be abused to compromise the entire hierarchy
Много чего про SCCM в последнее время появляется, вот еще:
Soft: https://github.com/synacktiv/SCCMSecrets
Blog: https://www.synacktiv.com/publications/sccmsecretspy-exploiting-sccm-policies-distribution-for-credentials-harvesting-initial
#pentest #redteam #ad #sccm #lateral #creds
Soft: https://github.com/synacktiv/SCCMSecrets
Blog: https://www.synacktiv.com/publications/sccmsecretspy-exploiting-sccm-policies-distribution-for-credentials-harvesting-initial
#pentest #redteam #ad #sccm #lateral #creds
GitHub
GitHub - synacktiv/SCCMSecrets: SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial…
SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement. - synacktiv/SCCMSecrets