Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
Note: If -host-name is not specified, the tool will automatically get the domain control hostname, please select the hostname of the host specified by -dc-ip. If –impersonate is not specified, the tool will randomly choose a doamin admin to exploit. Use ldaps by default, if you get ssl error, try add -use-ldap .
Find the computer that can be modified by the current user.
-no-add and target with
Find CreateChild account, and use the account to exploit.