Introduction

In this post, we cover Windows persistence techniques, specifically account tampering methods, as part of the TryHackMe Windows Local Persistence room.

Having an administrator's credentials would be the easiest way to achieve persistence on a machine. However, to make it harder for the blue team to detect us, we can manipulate unprivileged users, which usually won't be monitored as much as administrators, and grant them administrative privileges somehow.

Notice that we assume you have already gained administrative access somehow and are trying to establish persistence from there.

Account Tampering Techniques

  • Assign Group Memberships
  • Special Privileges and Security Descriptors
  • RID Hijacking
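From the monitoring side, the first technique in this list (group membership changes on accounts that are rarely watched) can be checked by replaying local-group change events. The following is an added example, not part of the original post: it assumes Security-log events 4732 (member added) and 4733 (member removed) have been exported as records, and the set of watched groups, the sample records and the baseline are constructed for illustration.

```python
# Added example: replay constructed records for events 4732 (member added to a
# local group) and 4733 (member removed) to list unapproved privileged members.

# Well-known SIDs of built-in local groups; which groups to watch is an assumption.
WATCHED_GROUPS = {
    "S-1-5-32-544": "Administrators",
    "S-1-5-32-551": "Backup Operators",
    "S-1-5-32-555": "Remote Desktop Users",
    "S-1-5-32-580": "Remote Management Users",
}
ADD, REMOVE = 4732, 4733

# Constructed sample records; the keys mirror the 4732/4733 event data fields.
SAMPLE_EVENTS = [
    {"time": "2024-05-01T09:00:00", "id": 4732, "TargetSid": "S-1-5-32-544",
     "MemberSid": "S-1-5-21-1111-2222-3333-1001", "SubjectUserName": "it-admin"},
    {"time": "2024-05-01T09:05:00", "id": 4732, "TargetSid": "S-1-5-32-551",
     "MemberSid": "S-1-5-21-1111-2222-3333-1008", "SubjectUserName": "it-admin"},
    {"time": "2024-05-01T09:06:00", "id": 4732, "TargetSid": "S-1-5-32-580",
     "MemberSid": "S-1-5-21-1111-2222-3333-1008", "SubjectUserName": "it-admin"},
    {"time": "2024-05-01T09:07:00", "id": 4732, "TargetSid": "S-1-5-32-555",
     "MemberSid": "S-1-5-21-1111-2222-3333-1009", "SubjectUserName": "it-admin"},
    {"time": "2024-05-01T09:30:00", "id": 4733, "TargetSid": "S-1-5-32-555",
     "MemberSid": "S-1-5-21-1111-2222-3333-1009", "SubjectUserName": "it-admin"},
    {"time": "2024-05-01T09:40:00", "id": 4732, "TargetSid": "S-1-5-32-545",
     "MemberSid": "S-1-5-21-1111-2222-3333-1010", "SubjectUserName": "it-admin"},
]

# Approved (group SID, member SID) pairs; a constructed baseline.
BASELINE = {("S-1-5-32-544", "S-1-5-21-1111-2222-3333-1001")}

def unapproved_members(events, baseline):
    """Return sorted (group name, member SID, added by) for unapproved current members."""
    current = {}  # (group SID, member SID) -> account that made the change
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["TargetSid"] not in WATCHED_GROUPS:
            continue  # e.g. S-1-5-32-545 (Users) is not a privileged group
        key = (ev["TargetSid"], ev["MemberSid"])
        if ev["id"] == ADD:
            current[key] = ev["SubjectUserName"]
        elif ev["id"] == REMOVE:
            current.pop(key, None)  # membership was revoked later
    return sorted((WATCHED_GROUPS[g], m, who)
                  for (g, m), who in current.items() if (g, m) not in baseline)

if __name__ == "__main__":
    for group, member, who in unapproved_members(SAMPLE_EVENTS, BASELINE):
        print(f"unapproved member {member} in {group} (added by {who})")
```

The check only sees changes that generated these events, so it complements rather than replaces a periodic review of actual group membership.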

Room Answers

Insert flag1 here

Insert flag2 here

Insert flag3 here

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.