Added SeMachineAccountPrivilege to localmachine ingestor, but no edge…

…s yet
lkarlslund · Jan 8, 2024 · 06416d5 · 06416d5
1 parent 6ea7c30
commit 06416d5
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/modules/integrations/localmachine/analyze/import.go b/modules/integrations/localmachine/analyze/import.go
@@ -219,6 +219,10 @@ func ImportCollectorInfo(ao *engine.Objects, cinfo localmachine.Info) (*engine.O
 			pwn = EdgeSeTakeOwnership
 		case "SeTrustedCredManAccess":
 			pwn = EdgeSeTrustedCredManAccess
+		case "SeMachineAccountPrivilege":
+		// Join machine to domain
+
+		// pwn = EdgeSeMachineAccount
 		case "SeTcbPrivilege":
 			pwn = EdgeSeTcb
 		case "SeIncreaseQuotaPrivilege", "SeSystemProfilePrivilege", "SeSecurityPrivilege", "SeSystemtimePrivilege", "SeProfileSingleProcessPrivilege", "SeIncreaseBasePriorityPrivilege", "SeCreatePagefilePrivilege", "SeShutdownPrivilege", "SeAuditPrivilege", "SeSystemEnvironmentPrivilege", "SeChangeNotifyPrivilege", "SeRemoteShutdownPrivilege", "SeUndockPrivilege", "SeCreateGlobalPrivilege", "SeIncreaseWorkingSetPrivilege", "SeTimeZonePrivilege", "SeCreateSymbolicLinkPrivilege", "SeInteractiveLogonRight", "SeDenyInteractiveLogonRight", "SeDenyRemoteInteractiveLogonRight", "SeBatchLogonRight", "SeServiceLogonRight", "SeDelegateSessionUserImpersonatePrivilege", "SeLockMemoryPrivilege", "SeDenyNetworkLogonRight", "SeTrustedCredManAccessPrivilege", "SeDenyBatchLogonRight", "SeDenyServiceLogonRight", "SeRelabelPrivilege":