Hi, today’s tale of pentest pwnage covers a few wins and one loss:

1. A cool opportunity to drop Farmer “crops” to a domain admin’s desktop folder via PowerShell remote session
2. Finding super sensitive data by dumpster-diving into a stale C:\Users\Domain-Admin profile
3. Finding a vCenter database backup and being unable to pwn it using vcenter_saml_login