Secondary Categories: 02-Persistence

Local Account

Once you’ve gained administrative access to the system, you can add a local account.

net user ap3x Password123 /add

We can add the user we just created to the local Administrators group.

net localgroup administrators ap3x /add

Clean up your accounts after an engagement.

net user ap3x /delete

Domain Account

After obtaining domain administrator in an engagement, an account can be created and added to one of the admin groups to persist on the network and perform other post-exploitation actions.

net user ap3x Password123 /add /domain
net group "Domain Admins" ap3x /add /domain

Another good method is to add a comment to the user account and set it to expire, just in case you forget to clean up or lose access.

net user ap3x /comment:"Account created during red team assessment"
net user ap3x /expires:01/01/2023
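
For the cleanup step and for the blue team reviewing the engagement, the sketch below is an added example (not part of the original notes): it classifies `net` command lines of the kind shown above and reports accounts that were created but never deleted. It assumes command lines are available from process-creation logging; the `svc_tmp` account and the sample lines are constructed.

```python
import re

# Groups named in the commands on this page; extend for your environment.
PRIVILEGED_GROUPS = {"administrators", "domain admins"}
NET_BINARIES = {"net", "net.exe", "net1", "net1.exe"}

def classify(cmdline):
    """Return (action, account, scope) for a net.exe account change, else None."""
    tokens = [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmdline)]
    if len(tokens) < 3:
        return None
    if re.split(r"[\\/]", tokens[0])[-1].lower() not in NET_BINARIES:
        return None
    verb = tokens[1].lower()
    switches = {t.lower() for t in tokens[2:] if t.startswith("/")}
    args = [t.lower() for t in tokens[2:] if not t.startswith("/")]
    scope = "domain" if "/domain" in switches else "local"
    if verb == "user" and args:
        if "/add" in switches:
            return ("create", args[0], scope)
        if "/delete" in switches:
            return ("delete", args[0], scope)
    if verb in ("group", "localgroup") and len(args) >= 2 and "/add" in switches:
        if args[0] in PRIVILEGED_GROUPS:
            return ("priv_add", args[1], scope)
    return None

def leftover_accounts(cmdlines):
    """Map account -> (scope, privileged) for accounts created but never deleted."""
    live = {}
    for line in cmdlines:
        hit = classify(line)
        if hit is None:
            continue
        action, account, scope = hit
        if action == "create":
            live[account] = (scope, False)
        elif action == "priv_add" and account in live:
            live[account] = (live[account][0], True)
        elif action == "delete":
            live.pop(account, None)
    return live

# Constructed sample command lines in time order (not real telemetry).
SAMPLE = [
    r'net user ap3x Password123 /add',
    r'C:\Windows\System32\net.exe localgroup administrators ap3x /add',
    r'net user ap3x /comment:"Account created during red team assessment"',
    r'net  user svc_tmp Passw0rd! /ADD /domain',
    r'net1 group "Domain Admins" svc_tmp /add /domain',
    r'net user svc_tmp /delete /domain',
]
```

Calling `leftover_accounts(SAMPLE)` reports `ap3x` as a privileged local account that is still present, while `svc_tmp` drops out because its deletion was observed.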
