Retrieving Passwords From Veeam Backup Servers

Firstly before we get into recovering passwords from the veeam servers we have to think why is this technique so important to know?

It’s not what you think, so if you are a red teamer/penetration tester then sure you are going to want to know this to support your goals. But the real value in knowing this is to drive home a specific message.

DO NOT (PRODUCTION) DOMAIN JOIN BACKUP SERVERS

Veeam expicitly suports not being on a domain for this very reason. Why Dan? Why is it so important to not (PRODUCTION) domain join them? Well my friends, if a threat actor gets into your network, gains high priviledge access to active directory and get’s onto you veeam server they will probably disrupt and destroy your backup just prior to ransoming everyhing they can. You do no want this!

Read more “Retrieving Passwords From Veeam Backup Servers” →