Skip to content

Horizon3.ai Docs

H3-2022-0084

Horizon3.ai Docs

Welcome
Getting Started
Getting Started
- Register an Account
  Register an Account
- Run an External Pentest
  Run an External Pentest
- Setup NodeZero Host
  Setup NodeZero Host
- Run an Internal Pentest
  Run an Internal Pentest
- Run an AD Password Audit
  Run an AD Password Audit
- Run 1-click Verify
  Run 1-click Verify
- NodeZero Portal Access Control
  NodeZero Portal Access Control
  - User Personas
  - User Management
  - Single Sign-On (SSO)
  - Identity Provider Guides
    Identity Provider Guides
    
    Azure
    
    Okta
Reference
Reference
- API
  API
  - CLI Tool
    
    CLI Tool
    
    Getting Started
    
    Guides
    Guides
    
    Automate NodeZero Deployment
    
    Scheduling from CLI
    
    Monitor Pentests
    
    Paginate Results
  - API Reference
    
    API Reference
    
    Authenticate
    
    Getting Started
    
    GraphQL API
- Automate Scheduling
  Automate Scheduling
- Attack Configuration
  Attack Configuration
  - Remote Access Tool
- BloodHound
- Glossary
- Horizon 3 Weaknesses
  Horizon 3 Weaknesses
- Injecting Credentials
  Injecting Credentials
  - Injecting an AWS Role
- Phishing Impact Test
  Phishing Impact Test
  - The NodeZero Phishing Script
- NodeZero Modules
  NodeZero Modules
  - Cyanide
- Notifications
  Notifications
- Media
  Media
- Templates
  Templates
- Release Notes
  Release Notes
  - 2024.04
  - 2024.03
  - 2024.02
  - 2024.01
Downloads
Downloads

H3-2022-0084

Credential Reuse - Windows Local Administrator Accounts


Category	`CREDENTIALS`
Base Score	`9.0`

Description

A local user credential from one Windows machine was re-used to access another Windows machine with local administrator privileges.

Impact

Attackers take advantage of credential reuse to move laterally from machine to machine within the environment. When the re-used credential is that of a local administrator, attackers can fully compromise many machines in the environment with a single credential in hand.

References