Today we’re talking pentesting – specifically some mini gems that can help you escalate local/domain/SQL privileges:

• Check the C: drive! If you get local admin and the system itself looks boring, check root of C – might have some interesting scripts or folders with tools that have creds in them.
• Also look at Look at Get-ScheduledTasks
• Find ids and passwords easily in Snaffler output with this Snaffler cleaner script
• There’s a ton of gold to (potentially) be found in SQL servers – check out my notes on using PowerUpSQL to find misconfigs and agent jobs you might able to abuse!