Backup Operator
What to do when you have SeBackupPrivilege and SeRestorePrivilege
With WBAdmin
Reference: https://gist.github.com/manesec/9e0e8000446b966d0f0ef74000829801
Setup local SMB share
# Create 2G Disk
dd if=/dev/zero of=ntfs.disk bs=1024M count=2
# Mount disk
sudo losetup -fP ntfs.disk
# Check Mount
losetup -a
# format ntfs
sudo mkfs.ntfs /dev/loop0
# Mount
sudo mount /dev/loop0 smb/
# Check mount
mount | grep smbAdd in /etc/samba/smb.conf:
Create SMB user:
Mount local share in machine
Perform backup and restore
Get hashes
Download NTDS and SYSTEM:
Get hashes:
With ShadowCopy
Last updated