lefayjey / linWinPwn

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
MIT License
1.83k stars 266 forks source link

About the tool specific suggestions for improvement #12

Closed JacHeiuang closed 1 year ago

JacHeiuang commented 1 year ago

This is really a great project, it helped me a lot in the real world, if I am free I am very willing to help you improve and improve this project, here I would like to make a few small suggestions for continued progress The first point, you can continue to add more AD domain vulnerability detection in the vuln_checks module, such as HiveNightmare, Printspooler family (Nightmare and Demon) and Exchange server vulnerability detection, which is very important, because in reality Exchange is very high privilege, and easy to to attack and if the attack is successful very easy to threaten the domain controller, so I felt the need to add a check for Exchange vulnerability (CVE-2018-8581, CVE-2020-0688, CVE-2020-16875, CVE-2021-34473, CVE-2021-26855/CVE-2021-27065, CVE-2022-41040/CVE-2022-41082) The second point is that I think we can add an automated capture of all tour passwords in the pwd_dump module, which can be combined with LaZagne, which is a great tool, you know, in the actual infiltration of the tour passwords are likely to be a breakthrough!!! So I think it's feasible

Having said that, I hope very much that this tool will get better and better, and thank you very much for your open source spirit, keep moving!!!

Translated with www.DeepL.com/Translator (free version)

lefayjey commented 1 year ago

Duplicate issue