You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Just an enhancement/extra thing to work on for the future. It would be nice to be able to specify the added username and password if exploitation is successful. It will be useful in larger scope engagements where 'icebreaker' will not be quite as stealthy and the password can follow domain password complexity requirements.
Also reduce the possibility that third parties can potentially access internet facing devices that have had the icebreaker account added with the hardcoded credentials.
*Edit for grammar
The text was updated successfully, but these errors were encountered:
Just an enhancement/extra thing to work on for the future. It would be nice to be able to specify the added username and password if exploitation is successful. It will be useful in larger scope engagements where 'icebreaker' will not be quite as stealthy and the password can follow domain password complexity requirements.
Also reduce the possibility that third parties can potentially access internet facing devices that have had the icebreaker account added with the hardcoded credentials.
*Edit for grammar
The text was updated successfully, but these errors were encountered: