Windows Logo

Escalating Privileges to Domain Admin

This method may benefit from some social engineering but will require local Administrator on an machine within the network. Social engineering can be used to speedup the process of enticing a Domain Admin (DA) to login to a system and in-return provide us DA rights. Should you need to obtain local Administrator privileges and you […]

Windows Logo

Gaining entry into Windows as Administrator

This is an old but still relevant method of gaining access to an local Administrator account on any windows machine running Vista on-wards. Note: This method will only work when Bitlocker is not enabled on the machine. You can either use a live CD or Windows PE (From Windows installation media), this guide will use […]

Windows Logo

Setting up Sysinternals

Whilst Sysinternals can be downloaded and ran from the location to which they are extracted to, there is more preferable way to install on a system in which they will be used more frequently. Download Sysinternals from: https://docs.microsoft.com/en-us/sysinternals/ Extract the downloaded zip contents to: C:\Program Files (x86)\SYSINT Extracting to this directory is useful for white-listing Run […]

Connecting to Windows Internal Database (WID)

Whilst trying to figure out issues with a service which uses Windows Internal Database (WID) I came into the issue of actually connecting and managing it… Steps to connect to WID: Download and install Microsoft SQL Server Manager (found here) onto the machine hosting the instance Run Microsoft SQL Server Manager (SSMS) as Administrator (if […]

Automating Log File Archiving – PowerShell

The purpose of this PowerShell script was to automate the cleaning of logs files by zipping them and shipping them to another folder or drive, but to also give the option to delete the source files after being processed. The script has the option to group the files by the day they were written or […]