Local Account

Adversaries may create a local account to maintain access to victim systems. Local accounts are those configured by an organization for use by users, remote support, services, or for administrative on a single system or service. With a sufficient level of access, the net user /add command can be used to create a local account.

Such accounts may be used to establish secondary credentialed access that do not require persistent remote access tools to be deployed on the system.


Working with accounts is very simple once you have reached the Administrator privileges this is a necessary requirement as we will need Administrator Permissions to create local users or to change account passwords to maintain our permissions.

The net users command is optimal here for our task at hand

Let's create a simple user with Administrator Access:

Let's check our permissions

Great we can see our user is created and has Administrator Access.

We can achieve the same goal for Domain Users as well but here we will need to reach the Domain Administrator permissions to create a user on a Domain as we currently only created a local account for the current workstation. Command is similar but we will add the "/domain" parameter onto our command to achieve this.

Last updated