Hello and welcome to this course in which we're talking about Python for initial access. In this video, we're going to be talking about valid accounts, and how they can be useful to attackers attempting to achieve initial access to a target network or system. Valid accounts are an necessary weakness in an organization's defenses. On the one hand, users need access to certain network systems, applications, et cetera, to do their jobs. If you can't login to your work computer, or access the sensitive part of the company's network, or login to the cloud-based services that your company uses like webmail, then you're not going to be very effective at doing your job. However, these accounts that users need to have access to, also are a weakness in an organization systems. Because if an attacker can gain access to a user account, then they have the same level of access and permissions as the legitimate user on the system. For this reason, attackers will commonly target these legitimate user accounts as part of their attack campaigns. One of the reasons is that user passwords are relatively easy for an attacker to compromise. There's a variety of different ways that an attacker can gain access to a user password. Many of them are for sale on the Dark Web because users frequently reuse the same password across multiple different accounts. For passwords compromised on one account, it's compromised on every other account with the same credentials. Similarly, another problem is that users often use weak passwords. If an attacker can identify a weak password that a user uses on a corporate account, then it's easy to brute force or guess that password and gain access to that account. Also methods like phishing, where the user provides the legitimate username and password for their account to the attacker voluntarily. This ease of access to user accounts makes it a viable attack vector but user accounts and using these valid accounts is also a desirable attack vector for an attacker. They get the same permissions as the user, and they're much more difficult for an organization to detect. If you're, for example, pounding on an organization's web application trying to find an SQL injection vulnerability, or similar hole in their defenses. You're being pretty noisy and relatively easily to detect. Even if you happen to find a successful SQL injection vulnerability on your first try, many cyber-security systems will either try to block or at least detect the SQL injection exploit so that the organization can respond accordingly. On the other hand, if you're logging in using RDP, VPN, or some similar remote access tool as a legitimate user on the system, then it's much more difficult to differentiate you from the legitimate owner of that account who might be working from home as well. The use of valid accounts is a viable way for an attacker to gain initial access to an organization's network and systems. There's a variety of different ways that an attacker could gain these valid accounts so they can target default accounts. For example, many different services have default usernames and passwords that are set for them that should be changed after the fact. If an attacker can look up these default account credentials, which are often publicly available on the internet. They can then use those to test if systems still have those built-in credentials unchanged. It's also the potential for accessing domain accounts, local accounts on a system, or accounts for cloud based infrastructure. We're talking about valid accounts here because we're going to be using Python to attempt to identify weak or default accounts on a target system, which could allow an attacker to successfully authenticate, and then use the legitimate permissions and access associated with that account to perform their attacks. Thank you.
