From 270d48117574f63dc79eba6f4a718639aadf414b Mon Sep 17 00:00:00 2001 From: Scott Sutherland Date: Mon, 18 Jul 2022 17:18:23 -0500 Subject: [PATCH] Update README.md --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3a7b0f2..9b44e72 100644 --- a/README.md +++ b/README.md @@ -33,10 +33,12 @@ Below is some additional background:
* Domain Users can also create up to 10 computer accounts by default that get placed in the Domain Computers group * Domain Users that have local administrative access to a domain joined computer can also impersonate the computer account. -Please Note: Share permissions can be overruled by NTFS permissions. Also, be aware that testing excluded share names containing the following keywords: "print\$", "prnproc\$", "printer", "netlogon",and "sysvol". +Please Note: Share permissions can be overruled by NTFS permissions. Also, be aware that testing excluded share names containing the following keywords: 
print$, prnproc$, printer, netlogon,and sysvol
High Risk Shares
-In the context of this report, high risk shares have been defined as shares that provide unauthorized remote access to a system or application. By default, that includes wwwroot, inetpub, c\$, and admin\$ shares. However, additional exposures may exist that are not called out beyond that. +In the context of this report, high risk shares have been defined as shares that provide unauthorized remote access to a system or application. +By default, that includes the shares 
 wwwroot, inetpub, c$, and admin$
+However, additional exposures may exist that are not called out beyond that. # Example Commands Important Note: All commands should be run as an unprivileged domain user.