SCCM

Tools

Netexec

Requires Domain Admin or Local Admin Priviledges on target Domain Controller

#~ nxc smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --sccm
#~ nxc smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --sccm disk
#~ nxc smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --sccm wmi

Recon - pssrecon

GitHub - slygoo/pssreconGitHub

CCMPwn

GitHub - mandiant/ccmpwnGitHub

SCCMHunter

GitHub - garrettfoster13/sccmhunter at devGitHub

SCCMSecrets

GitHub - synacktiv/SCCMSecrets: SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.GitHub

Resources

SCCM / MECM | The Hacker Recipes

SCCM / MECM LAB - Part 0x3 - Admin UserMayfly