.. /
gpme.msc
Group Policy Management Editor
Domain
Group Policy Management Editor
gpme.msc /gpobject:"LDAP://CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=ad,DC=bitsadmin,DC=com"
Usecase
Execute immediate scheduled tasks on machines to launch implant
Comments
- Only possible from OffensiveDC
- Commandline launches editor for the GUID of the default domain policy; can be changed to other GUIDs to edit different policies
Mitre Att&ck
T1053.005
Detection