Today we live-hack an SCCM server via GOAD SCCM using some attack guidance from Misconfiguration Manager!  Attacks include:

• Unauthenticated PXE attack
• PXE (with password) attack
• Relaying the machine account of the MECM box over to the SQL server to get local admin