Menu
 
» »Unlabelled » Goddi (Go Dump Domain Info) - Dumps Active Directory Domain Information

A+ A-


Based on work from Scott Sutherland (@_nullbind), Antti Rantasaari, Eric Gruber (@egru), Will Schroeder (@harmj0y), and the PowerView authors.

Install
Use the executables in the releases section. If you want to build it yourself, make sure that your go environment is setup according to the Go setup doc. The goddi package also uses the below package.
go get gopkg.in/ldap.v2

Windows
Tested on Windows 10 and 8.1 (go1.10 windows/amd64).

Linux
Tested on Kali Linux (go1.10 linux/amd64).
  • umount, mount, and cifs-utils need to be installed for mapping a share for GetGPP
apt-get update
apt-get install -y mount cifs-utils
  • make sure nothing is mounted at /mnt/goddi/
  • make sure to run with sudo

Run
When run, will default to using TLS (tls.Client method) over 636. On Linux, make sure to run with sudo.
  • username: Target user. Required parameter.
  • password: Target user's password. Required parameter.
  • domain: Full domain name. Required parameter.
  • dc: DC to target. Can be either an IP or full hostname. Required parameter.
  • startTLS: Use to StartTLS over 389.
  • unsafe: Use for a plaintext connection.
PS C:\Users\Administrator\Desktop> .\godditest-windows-amd64.exe -username=testuser -password="testpass!" -domain="test.local" -dc="dc.test.local" -unsafe
[i] Begin PLAINTEXT LDAP connection to 'dc.test.local'...
[i] PLAINTEXT LDAP connection to 'dc.test.local' successful...
[i] Begin BIND...
[i] BIND with 'testuser' successful...
[i] Begin dump domain info...
[i] Domain Trusts: 1 found
[i] Domain Controllers: 1 found
[i] Users: 12 found
        [*] Warning: keyword 'pass' found!
        [*] Warning: keyword 'fall' found!
[i] Domain Admins: 4 users found
[i] Enterprise Admins: 1 users found
[i] Forest Admins: 0 users found
[i] Locked Users: 0 found
[i] Disabled Users: 2 found
[i] Groups: 45 found
[i] Domain Sites: 1 found
[i] Domain Subnets: 0 found
[i] Domain Computers: 17 found
[i] Deligated Users: 0 found
[i] Users with passwords not set to expire: 6 found
[i] Machine Accounts with passwords older than 45 days: 18 found
[i] Domain OUs: 8 found
[i] Domain Account Policy found
[i] Domain GPOs: 7 found
[i] FSMO Roles: 3 found
[i] SPNs: 122 found
[i] LAPS passwords: 0 found
[i] GPP enumeration starting. This can take a bit...
[i] GPP passwords: 7 found
[i] CSVs written to 'csv' directory in C:\Users\Administrator\Desktop
[i] Execution took 1.4217256s...
[i] Exiting...

Functionality
StartTLS and TLS (tls.Client func) connections supported. Connections over TLS are default. All output goes to CSVs and are created in /csv/ in the current working directory. Dumps:
  • Domain users. Also searches Description for keywords and prints to a seperate csv ex. "Password" was found in the domain user description.
  • Users in priveleged user groups (DA, EA, FA).
  • Users with passwords not set to expire.
  • User accounts that have been locked or disabled.
  • Machine accounts with passwords older than 45 days.
  • Domain Computers.
  • Domain Controllers.
  • Sites and Subnets.
  • SPNs and includes csv flag if domain admin (a flag to note SPNs that are DAs in the SPN CSV output).
  • Trusted domain relationships.
  • Domain Groups.
  • Domain OUs.
  • Domain Account Policy.
  • Domain deligation users.
  • Domain GPOs.
  • Domain FSMO roles.
  • LAPS passwords.
  • GPP passwords. On Windows, defaults to mapping Q. If used, will try another mapping until success R, S, etc... On Linux, /mnt/goddi is used.


Continue reading
  1. Kik Hack Tools
  2. Pentest Tools For Ubuntu
  3. Hacking Tools For Windows Free Download
  4. Bluetooth Hacking Tools Kali
  5. Usb Pentest Tools
  6. Hacker Tools Mac
  7. Hacking Tools Windows
  8. Hack Tools For Mac
  9. Kik Hack Tools
  10. Pentest Tools Review
  11. Hacker Tools Hardware
  12. Hack App
  13. Pentest Tools Windows
  14. Pentest Tools Website Vulnerability
  15. Hacking Tools 2020
  16. Hacking Tools For Mac
  17. Hacking Tools And Software
  18. Hacking Tools For Windows
  19. What Are Hacking Tools
  20. Pentest Tools For Ubuntu
  21. Hacking Tools For Beginners
  22. Hacker Techniques Tools And Incident Handling
  23. Kik Hack Tools
  24. Hacker Tools For Windows
  25. Best Pentesting Tools 2018
  26. Hacker Tools
  27. World No 1 Hacker Software
  28. Hacker
  29. What Are Hacking Tools
  30. Hacker Hardware Tools
  31. Hacker Techniques Tools And Incident Handling
  32. Hacker Tools Apk Download
  33. Hacking Tools 2020
  34. Hacking Tools For Mac
  35. Hacker Tools Hardware
  36. Ethical Hacker Tools
  37. Free Pentest Tools For Windows
  38. Computer Hacker
  39. Pentest Tools Open Source
  40. Hack Tools Github
  41. Hacker Security Tools
  42. Pentest Tools
  43. Pentest Tools List
  44. Pentest Automation Tools
  45. Hak5 Tools
  46. Hacker Tools Mac
  47. Nsa Hack Tools Download
  48. Hacker Tools Apk Download
  49. Pentest Tools Nmap
  50. Hack Tools For Pc
  51. Hack Tools Pc
di 19.52

Posting Komentar

Langganan: Posting Komentar (Atom)
 
Top