Ctrlk

Work In Progress
NETWORKING
Enumeration
EXPLOITATION
Privilege Escalation
- Linux
- Windows
POST-EXPLOITATION
Lateral Movement
- Tunneling / Pivoting
- Discovery
Pentesting
DEFENSE
- SIEM
POST-ENGAGEMENT
- Cleanup

Powered by GitBook

On this page

EXPLOITATION
Active Directory

GPP/cPassword Attacks

Older attack but good to be aware of

Attack

Group Policy Preferences allowed admins to create policies using embedded credentials
Credentials were encrypted and placed in a "cPassword"
The key was accidentally released
Patched in MS14-025, but doesn't prevent previous use

gpp-decrypt

Metasploit

smb_enum_gpp (needs creds)

Defense

Patch!

Delete old GPP xml files stored in the SYSVOL

PreviousLNK File Attacks NextDumping the NTDS.dit

Last updated 4 days ago

Attack
Defense