7MS #689: Pwning Ninja Hacker Academy – Part 2

Hello friends!  Today your friend and mine, Joe “The Machine” Skeen joins me as we keep chipping away at pwning Ninja Hacker Academy!  Today’s pwnage includes:

• “Upgrading” our Sliver C2 connection to a full system shell using PrintSpoofer!
• Abusing nanodump to do an lsass minidump….and find our first cred.
• Analyzing BloodHound data to find (and own) excessive permissions against Active Directory objects