When good turns evil

Having control of your machines and security is crucial in this age.

What if your protection is opening you up for exploition?

Rapiud 7 InsigtVM https://docs.rapid7.com/insightvm/authentication-on-windows-best-practices/

Note: If you are not using administrator permissions then you will not be granted access to administrator shares and non-administrative shares will need to be created for read access to the file system for those shares.

For scanning domain controllers, you must use a domain administrator account because local administrators do not exist on domain controllers.

BMC Discovery https://docs.bmc.com/docs/discovery/112/user-privileges-and-information-access-for-windows-operating-systems-788122080.html

Local administrator discovery missing command line information using WMI If you do not get full command line information when you discover a Windows host using WMI as a local administrator, you should check that local administrators are part of the Debug Programs policy. See the Microsoft website for more information on the Debug Programs policy.

To avoid this issue, configure the BMC Discovery account to accept unlimited login attempts.

Stealing NTHash during NTLM auth

Owning everything else..