ADenum - A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos

      No comments   

AD Enum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos.

cracking (john) -jp [path] John binary path -w [wordList] The path of the wordlist to be used john (Default: /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt -v, --version Show program's version number and exit -s Use LDAP with SSL "> 

█████╗ ██████╗     ███████╗███╗   ██╗██╗   ██╗███╗   ███╗
██╔══██╗██╔══██╗    ██╔════╝████╗  ██║██║   ██║████╗ ████║
███████║██║  ██║    █████╗  ██╔██╗ ██║██║   ██║██╔███ ╔██║
██╔══██║██║  ██║    ██╔══╝  ██║╚██╗██║██║   ██║██║╚██╔╝██║
██║  ██║██████╔╝    ███████╗██║ ╚████║╚██████╔╝██║ ╚═╝ ██║
╚═╝  ╚═╝╚═════╝     ╚══════╝╚═╝  ╚═══╝ ╚═════╝ ╚═╝     ╚═╝
usage: ADenum.py -d [domain] -u [username] -p [password]


Pentest tool that detect misconfig in AD with LDAP


optional arguments:
-h, --help       show this help message and exit
-d  [domain]     The name of domain (e.g. "test.local")
-u  [username]   The user name
-p  [password]   The user password
-ip [ipAddress]  The IP address of the server (e.g. "1.1.1.1")
-j               Enable hash cracking (john)
-jp [path]       John binary path
-w  [wordList]   The path of the wordlist to be used john (Default: /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt
-v, --version    Show program's version number and exit
-s               Use LDAP with SSL


Requirement

Features and Functionality

LDAP:

  • Enum Domain Admin users
  • Enum Domain Controllers
  • Enum Domain users with Password Not Expire
  • Enum Domain users with old password
  • Enum Domain users with interesting description
  • Enum Domain users with not the default encryption
  • Enum Domain users with Protecting Privileged Domain Accounts

Kerberos:

  • AS-REP Roastable
  • Kerberoastable
  • Password cracking with john (krb5tgs and krb5asrep)

Demo

AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos. (1)

Microsoft Advanced Threat Analytics

ATA detects two suspicious events but does not trigger an alert:

  • The connection with the protocol LDAP without SSL
  • The Kerberoastable attack

As shown in this screenshot:

Source

Documentation:

Impacket:

Legal Disclaimer:

testing purposes only. Usage of this software for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. "> 
This project is made for educational and ethical testing purposes only. Usage of this software for attacking targets without prior mutual consent is illegal. 
It is the end user's responsibility to obey all applicable local, state and federal laws. 
Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Adblock test (Why?)


You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss

Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen

Related Posts:

0 Comments:

Post a Comment