Martin Sohn Christensen

Tested and works on latest W10 and Domain+Forest functional level 2016. The bug was introduced in #12. Using ADSI, like in this commit, is a better solution than #24 which...

From Steve Syfuhs, working with Windows and Authentication at Microsoft: >_It does nothing. It’s a literal no-op. A gMSA is not bound to the machine like an MSA. There is...

Hi @ncha-syn, thank you for the PRs! It's a good idea. We discussed it internally and would love to see it implemented if there is a reliable abuse mechanism. Do...

Hi @ncha-syn, any update on a PoC writeup? I attempted to reproduce [your abuse guidance](https://github.com/SpecterOps/BloodHound/pull/2046/commits/f917fc5e53b54372be6eb68c58e91ea14f3fada1#diff-a1fe24382a593aa437c1229a6b5b3e7750fd9d0a0f1dff2fae4ef886d4ee8dcdR34) but failed. I followed this approach: 1. On the domain-joined AttackerHost, created `\\AttackerHost\\share` and added...

I'm sure you know but for good measure... As a workaround; You can run this Cypher query after replacing the `n.name` with your desired node. ``` MATCH p=(n)-[r]->(m) WHERE n.name...

Hi @xyplex , I think you're off here. Your Cypher query, **or the one below**, can return a User with DCSync rights no matter if First Degree Outbound/Inbound is implemented...