During a pentest, I succeeded to compromize a user with low privileges. As this is a domain user, I decided to run
BloodHound based on its credentials to check whether there is a path from this user to domain admins.
I have the
own privilege on another active directory account, which mean I should be able to change its attributes, such as
userPassword, which I did, using
ldp.exe. Unfortunately, Active Directory does not seem to allow authentication based on this LDAP attribute. So I needed to find something else.
I would like to use the MMC
Active Directory Users and Computers but i need to be logged in as a domain member, which I can’t as I would need to integrate my PC to the domain (I prefer not to do so).
which tool can I use to act/impersonate this user I am supposed to own ?