Our great sponsors
-
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
If that doesn’t work you can use Rubeus (https://github.com/GhostPack/Rubeus) to request a TGT (asktgt) in import into memory (ptt) and the run Remove-ADGroupMember to remove your admin from the Protected Users group. Easier than going into recovery.
Compile Rubeus or download from https://github.com/Flangvik/SharpCollection Beware that AV/EDR might flag as malware. Run: Rubeus.exe hash /password:Password123! /user:harmj0y /domain:testlab.local Get the AES hash. Use the hash in next command: Rubeus.exe asktgt /user:dfm.a /domain:testlab.local /aes256:e27b2e7b39f59c3738813a9ba8c20cd5864946f179c80f60067f5cda59c3bd27 /createnetonly: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe PowerShell is now spawned and you can run Remove-ADGroupMember is ADDS RSAT tools is installed. Otherwise, install them first.