7MS #674: Tales of Pentest Pwnage – Part 71

Today's tale of pentest pwnage is another great one! We talk about:

• The SPNless RBCD attack (covered in more detail in this episode)
• Importance of looking at all "branches" of outbound permissions that your user has in BloodHound
• This devilishly effective MSOL-account-stealing PowerShell script (obfuscate it first!)
• A personal update on my frustration with ringing in my ears