jacob.greeny


Checking the privileges of the jacob.greeny user after the lateral movement:

*Evil-WinRM* PS C:\Users\jacob.greeny\Documents> whoami /All
 
USER INFORMATION
----------------
 
User Name          SID
================== =============================================
axlle\jacob.greeny S-1-5-21-1005535646-190407494-3473065389-1120
 
 
GROUP INFORMATION
-----------------
 
Group Name                                  Type             SID                                           Attributes
=========================================== ================ ============================================= ==================================================
Everyone                                    Well-known group S-1-1-0                                       Mandatory group, Enabled by default, Enabled group
BUILTIN\Remote Management Users             Alias            S-1-5-32-580                                  Mandatory group, Enabled by default, Enabled group
BUILTIN\Users                               Alias            S-1-5-32-545                                  Mandatory group, Enabled by default, Enabled group
BUILTIN\Pre-Windows 2000 Compatible Access  Alias            S-1-5-32-554                                  Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NETWORK                        Well-known group S-1-5-2                                       Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users            Well-known group S-1-5-11                                      Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization              Well-known group S-1-5-15                                      Mandatory group, Enabled by default, Enabled group
AXLLE\App Devs                              Group            S-1-5-21-1005535646-190407494-3473065389-1108 Mandatory group, Enabled by default, Enabled group
AXLLE\Employees                             Group            S-1-5-21-1005535646-190407494-3473065389-1103 Mandatory group, Enabled by default, Enabled group
Authentication authority asserted identity  Well-known group S-1-18-1                                      Mandatory group, Enabled by default, Enabled group
Mandatory Label\Medium Plus Mandatory Level Label            S-1-16-8448
 
 
PRIVILEGES INFORMATION
----------------------
 
Privilege Name                Description                    State
============================= ============================== =======
SeMachineAccountPrivilege     Add workstations to domain     Enabled
SeChangeNotifyPrivilege       Bypass traverse checking       Enabled
SeIncreaseWorkingSetPrivilege Increase a process working set Enabled
 
 
USER CLAIMS INFORMATION
-----------------------
 
User claims unknown.
 
Kerberos support for Dynamic Access Control on this device has been disabled.

The jacob.greeny user is a member of both the AXLLE\App Devs and AXLLE\Employees groups. The user also holds SeMachineAccountPrivilege (Add workstations to domain).