What can attackers do with admin access?
Attackers with admin access can exploit vulnerabilities, steal credentials, create backdoors, issue unauthorized commands, and execute arbitrary code with administrator privileges. They can abuse a legitimate Domain Administrator account, such as by exploiting vulnerabilities on Active Directory or using password dump tools like mimikatz . Attackers may also create a backdoor disguised as a legitimate Domain Administrator account, known as a "Golden Ticket," to gain long-term administrative privilege . In addition, attackers can issue unauthorized commands and execute arbitrary code on client systems with administrator privileges, if they exploit design flaws and vulnerabilities in remote administration products . These actions allow attackers to infiltrate an organization's network, exploit sensitive information, and potentially cause significant damage to the network .
Answers from top 4 papers
Papers (4) | Insight |
---|---|
Open access•Dissertation 01 Jan 2012 9 Citations | The provided paper does not specifically mention what attackers can do with admin access. The paper focuses on the deployment of honeypots and gathering information about attackers, rather than discussing the actions attackers can take with admin access. |
28 Feb 2011 | Attackers with admin access can issue unauthorized commands to remote administration tools like Absolute Manage, allowing them to take control of client machines and execute arbitrary code with administrator privileges. |
01 Nov 2018 7 Citations | Attackers with admin access can exploit vulnerabilities in Active Directory, steal credentials using password dump tools, and create backdoors to maintain long-term administrative privileges. |
The provided paper does not explicitly mention what attackers can do with admin access. |