
Comments (3)

the-useless-one commented on August 11, 2024

Hi @clementsbr,

I can only guess from your message that you would like to see the Invoke-ACLScanner functionality implemented. If that's so, rejoice! I'm currently working on implementing the different PowerView ACL functionalities. You can see some of them in the get_objectacl branch.

If you use this branch for your tests and see any problems, we'd be grateful for your issues (hoping that they'll be more detailed than this one).

Cheers,

Y

from pywerview.

clementsbr commented on August 11, 2024

Essentially, using the ACL scanner to identify GPOs which have overly permissive write rules. However, since get-netgpo does not return a SID and we cannot query on the GPO name/GUID, I cannot validate the permissions on GPOs effectively via your python script.


the-useless-one commented on August 11, 2024

Hi @clementsbr,

Sorry I took so long to answer. You can check the ACL on a GPO using its name attribute. Here's an example where I'm looking at the Default Domain Policy:

$ python3 pywerview.py get-objectacl -t srv-ad.contoso.com -u skywalker -p $PASSWORD --name '{31B2F340-016D-11D2-945F-00C04FB984F9}' --resolve-guids --resolve-sids
objectdn:              CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=contoso,DC=com
objectsid:             
acetype:               ACCESS_ALLOWED_ACE
binarysize:            36
aceflags:              
accessmask:            917693
activedirectoryrights: generic_read, create_child, list_children, self, read_property, write_property, list_object, 
                       read_control, write_dacl, write_owner
isinherited:           False
securityidentifier:    CN=Admins du domaine,CN=Users,DC=contoso,DC=com
iscallbak:             False

objectdn:              CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=contoso,DC=com
objectsid:             
acetype:               ACCESS_ALLOWED_ACE
binarysize:            36
aceflags:              container_inherit, inherit_only
accessmask:            983295
activedirectoryrights: generic_read, create_child, delete_child, list_children, self, read_property, write_property, 
                       delete_tree, list_object, delete, read_control, write_dacl, write_owner
isinherited:           False
securityidentifier:    CN=Admins du domaine,CN=Users,DC=contoso,DC=com
iscallbak:             False
[...]

Feel free to re-open the issue if this didn't answer your question.

Cheers,

Y
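
An added example, not from the thread and not part of pywerview: one way to audit the get-objectacl text output shown above for allow-ACEs that grant write rights on a GPO to principals you do not expect. It assumes the key/value layout with wrapped continuation lines seen in the comment; the Helpdesk record, the TRUSTED set and the function names are constructed for illustration.

```python
import re

# Rights that let a principal modify the GPO object or its permissions.
WRITE_RIGHTS = {"generic_all", "generic_write", "write_property", "write_dacl", "write_owner"}

def parse_aces(text):
    """Split get-objectacl text output into one dict per ACE record."""
    aces, current, last_key = [], {}, None
    for line in text.splitlines():
        if not line.strip():              # a blank line ends the record
            if current:
                aces.append(current)
            current, last_key = {}, None
            continue
        m = re.match(r"^(\w+):\s*(.*)$", line)
        if m:
            last_key = m.group(1)
            current[last_key] = m.group(2).strip()
        elif last_key and line[0].isspace():
            # Wrapped value, e.g. a long activedirectoryrights list.
            current[last_key] += " " + line.strip()
    if current:
        aces.append(current)
    return aces

def risky_write_aces(aces, trusted):
    """Allow-ACEs that grant write rights to principals outside `trusted`."""
    findings = []
    for ace in aces:
        rights = {r.strip() for r in ace.get("activedirectoryrights", "").split(",")}
        granted, who = sorted(rights & WRITE_RIGHTS), ace.get("securityidentifier", "")
        if ace.get("acetype", "").startswith("ACCESS_ALLOWED") and granted and who not in trusted:
            findings.append((ace.get("objectdn"), who, granted))
    return findings

# Constructed sample: the first record is abridged from the thread, the second is invented.
SAMPLE = """\
objectdn:              CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=contoso,DC=com
acetype:               ACCESS_ALLOWED_ACE
activedirectoryrights: generic_read, create_child, list_children, self, read_property, write_property, list_object,
                       read_control, write_dacl, write_owner
securityidentifier:    CN=Admins du domaine,CN=Users,DC=contoso,DC=com

objectdn:              CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=contoso,DC=com
acetype:               ACCESS_ALLOWED_ACE
activedirectoryrights: generic_read, list_children, read_property, write_property, list_object, read_control
securityidentifier:    CN=Helpdesk,CN=Users,DC=contoso,DC=com
"""
TRUSTED = {"CN=Admins du domaine,CN=Users,DC=contoso,DC=com"}  # assumption: expected GPO editors
```

Calling risky_write_aces(parse_aces(SAMPLE), TRUSTED) reports only the Helpdesk ACE; in practice, feed it the saved output of the command above with --resolve-sids so principals compare by name.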
