Red Team Gold Extracting Credentials from MDT Shares

Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at raw_sources/offensive-security/ingested/Red Team Gold_ Extracting Credentials from MDT Shares.md.

Status: integrated

Excerpt

When it comes to targeting enterprise deployment infrastructure during a Red Team engagement, SCCM (System Center Configuration Manager) tends to get all the love. There’s a lot of research, tradecraft and blog post write-ups covering SCCM misconfigurations, credential exposure, and lateral movement opportunities. But while SCCM gets the spotlight, it’s often-overlooked half-cousin, **Microsof…