Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix abuse info around read LAPS password narrative #1018

Open
wants to merge 4 commits into
base: main
Choose a base branch
from

Conversation

JonasBK
Copy link
Collaborator

@JonasBK JonasBK commented Dec 16, 2024

Description

  • Cover Windows LAPS in read LAPS password abuse info
  • Remove incorrect non-LAPS computer abuses for AllExtendedRights
  • Remove incorrect read LAPS abuse for domain nodes

Motivation and Context

This PR addresses: BED-5174 (#1016) and BED-5175

The current abuse information around reading LAPS password contains incorrect information and its also missing information about Windows LAPS. This PR fixes that issue.

How Has This Been Tested?

Tested with this dataset:
20241001082802_BloodHound.zip

Screenshots (optional):

image

Types of changes

  • Chore (a change that does not modify the application functionality)

Checklist:

@JonasBK JonasBK added documentation Improvements or additions to documentation ticketed (automation only) Ticket has been created internally for tracking external This pull request is from an external contributor and removed ticketed (automation only) Ticket has been created internally for tracking labels Dec 16, 2024
Cover Windows LAPS, remove non-LAPS computer abuses for AllExtendedRights, remove LAPS abuse for domain nodes.
@JonasBK JonasBK force-pushed the all-extended-rights branch from 93b8d69 to 3bf265a Compare December 20, 2024 06:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
documentation Improvements or additions to documentation external This pull request is from an external contributor
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant