⚔️
DWSec Wiki
  • Welcome to the DWSec Notes
  • Windows Privilege Escalation
  • Active Directory
    • Fundamentals
      • Introduction
      • Protocols
      • Authentication
      • Glossary of terms
      • Objects
      • AD CS
    • Pentest Methodology
    • Insecure Logins
    • Bloodhound & ldapdomaindump
    • NTLMRelaying (445)
    • SMB Coercing (445)
    • Pre2k
    • DACL Abuse
    • Kerberoasting
    • Utility Tools
    • Powershell
  • Networking
    • Fundamentals
    • Pivoting, Tunneling and Portforwarding
    • DNS
    • Ligolo-ng
    • Toolbox
    • Protocols
      • 80/443 - HTTP/HTTPS
      • 389 - LDAP
      • 445 - SMB
  • Web
    • Active Enumeration
    • Passive Enumeration
  • ADPwn
  • Tools
    • Tools overview
Powered by GitBook
On this page

Was this helpful?

  1. Active Directory

Pre2k

PreviousSMB Coercing (445)NextDACL Abuse

Last updated 5 months ago

Was this helpful?

Authenticated Users -> Pre-Windows 2000 Compatible Access Group is very dangerous

Results in a FULL read permission for the authenticated users for every object in the domain

Can be used to access information from sensitive attributes

Ressources:

Understanding the Risks of Pre-Windows 2000 Compatibility Settings in Windows 2022 | SemperisSemperis
Bloodhound Pre2k scenario
Logo