Edges
AddAllowedToAct
This edge means it’s possible to modify the msDS-AllowedToActOnBehalfOfOtherIdentity property of a target.
Abuse Info
See the AllowedToAct edge section for abuse infoOpsec Considerations
See the AllowedToAct edge section for opsec considerationsReferences
- https://eladshamir.com/2019/01/28/Wagging-the-Dog.html
- https://github.com/GhostPack/Rubeus#s4u
- https://gist.github.com/HarmJ0y/224dbfef83febdaf885a8451e40d52ff
- https://blog.harmj0y.net/redteaming/another-word-on-delegation/
- https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
- https://github.com/Kevin-Robertson/Powermad#new-machineaccount