search

gwen001 / offsectools_www

A vast collection of security tools and resources curated by the community.
https://offsec.tools
182 stars 23 forks source link

[addtool] Prenum #1222

Closed piyush-security closed 1 year ago

piyush-security commented 1 year ago

[link] https://github.com/4ndr34z/prenum [/link]

[tags] windows, activedirectory [/tags]

[short_descr] The perils of the Pre-Windows 2000 compatible access group in a Windows Domain. [/short_descr]

[long_descr] Functions :

=> Full AMSI-Bypass => Reflectively loading Rubeus and Certify => Enumerate and test all computers in AD; check if their password is the same as the computername => Enumerate all users in AD; check if the password is blank => Passwordspray all users in AD => Request Kerberos TGT for computer and/or user-accounts found vulnerable (Using Rubeus) => Test for vulnerable certificate templates (Using Certify) => Do simple LDAP searches => Run any Rubeus command => Run any Certify command

[/long_descr]

[image] image [/image]

gwen001 commented 1 year ago

Issue correctly handled, tool is waiting for human validation.

gwen001 commented 1 year ago

Tool has been accepted by the team: http://localhost:3000/tool/prenum

Thank you for your contribution!

gwen001 commented 1 year ago

Tool has been accepted by the team: https://offsec.tools/tool/prenum

Thank you for your contribution!