- PUBLISHED ON
- Blog Published on:
RustyKey is an assumed-breach AD box using Kerberos. Timeroast cracked IT-COMPUTER3 computer account, added to Helpdesk, removed groups from Protected Objects to reset BB.MORGAN and EE.REED passwords. Gained WinRM and RunasCs shells, abused writable 7-Zip registry DLL paths to escalate to MM.TURNER, then performed RBCD to impersonate DC and get Admin.