GPO

This is a Medium Active Directory box where the disclosure of usernames in an open SMB share together with a weak password leads to domain access. From there, a login script is changed to execute malicious code ias another user. That user has permissive DACL rights and can create a scheduled task on a GPO that runs as NT Authority \System. ...