Based on work from Scott Sutherland (@_nullbind), Antti Rantasaari, Eric Gruber (@egru), Will Schroeder (@harmj0y), and the PowerView authors.
Install
Use the executables in the releases section. If you want to build it yourself, make sure that your go environment is setup according to the Go setup doc. The goddi package also uses the below package.
go get gopkg.in/ldap.v2Windows
Tested on Windows 10 and 8.1 (go1.10 windows/amd64).
Linux
Tested on Kali Linux (go1.10 linux/amd64).
- umount, mount, and cifs-utils need to be installed for mapping a share for GetGPP
apt-get update
apt-get install -y mount cifs-utils- make sure nothing is mounted at /mnt/goddi/
- make sure to run with
sudo
Run
When run, will default to using TLS (tls.Client method) over 636. On Linux, make sure to run with
sudo.- username: Target user. Required parameter.
- password: Target user's password. Required parameter.
- domain: Full domain name. Required parameter.
- dc: DC to target. Can be either an IP or full hostname. Required parameter.
- startTLS: Use to StartTLS over 389.
- unsafe: Use for a plaintext connection.
PS C:\Users\Administrator\Desktop> .\godditest-windows-amd64.exe -username=testuser -password="testpass!" -domain="test.local" -dc="dc.test.local" -unsafe
[i] Begin PLAINTEXT LDAP connection to 'dc.test.local'...
[i] PLAINTEXT LDAP connection to 'dc.test.local' successful...
[i] Begin BIND...
[i] BIND with 'testuser' successful...
[i] Begin dump domain info...
[i] Domain Trusts: 1 found
[i] Domain Controllers: 1 found
[i] Users: 12 found
[*] Warning: keyword 'pass' found!
[*] Warning: keyword 'fall' found!
[i] Domain Admins: 4 users found
[i] Enterprise Admins: 1 users found
[i] Forest Admins: 0 users found
[i] Locked Users: 0 found
[i] Disabled Users: 2 found
[i] Groups: 45 found
[i] Domain Sites: 1 found
[i] Domain Subnets: 0 found
[i] Domain Computers: 17 found
[i] Deligated Users: 0 found
[i] Users with passwords not set to expire: 6 found
[i] Machine Accounts with passwords older than 45 days: 18 found
[i] Domain OUs: 8 found
[i] Domain Account Policy found
[i] Domain GPOs: 7 found
[i] FSMO Roles: 3 found
[i] SPNs: 122 found
[i] LAPS passwords: 0 found
[i] GPP enumeration starting. This can take a bit...
[i] GPP passwords: 7 found
[i] CSVs written to 'csv' directory in C:\Users\Administrator\Desktop
[i] Execution took 1.4217256s...
[i] Exiting...Functionality
StartTLS and TLS (tls.Client func) connections supported. Connections over TLS are default. All output goes to CSVs and are created in /csv/ in the current working directory. Dumps:
- Domain users. Also searches Description for keywords and prints to a seperate csv ex. "Password" was found in the domain user description.
- Users in priveleged user groups (DA, EA, FA).
- Users with passwords not set to expire.
- User accounts that have been locked or disabled.
- Machine accounts with passwords older than 45 days.
- Domain Computers.
- Domain Controllers.
- Sites and Subnets.
- SPNs and includes csv flag if domain admin (a flag to note SPNs that are DAs in the SPN CSV output).
- Trusted domain relationships.
- Domain Groups.
- Domain OUs.
- Domain Account Policy.
- Domain deligation users.
- Domain GPOs.
- Domain FSMO roles.
- LAPS passwords.
- GPP passwords. On Windows, defaults to mapping Q. If used, will try another mapping until success R, S, etc... On Linux, /mnt/goddi is used.
- Hacking Tools For Mac
- Pentest Tools For Ubuntu
- Nsa Hacker Tools
- Hacker Hardware Tools
- Pentest Tools For Android
- Hacker Tools For Pc
- Hacker Tools Online
- What Is Hacking Tools
- Hack Tools Download
- Best Pentesting Tools 2018
- Hacking Tools For Kali Linux
- Pentest Tools Tcp Port Scanner
- Pentest Tools Windows
- Kik Hack Tools
- Wifi Hacker Tools For Windows
- Pentest Tools Open Source
- Hacker Tools 2019
- Best Hacking Tools 2019
- What Are Hacking Tools
- Game Hacking
- Pentest Tools Website
- Hacking Apps
- Pentest Tools Kali Linux
- Nsa Hacker Tools
- Pentest Box Tools Download
- Usb Pentest Tools
- Pentest Tools Kali Linux
- Hack Website Online Tool
- Pentest Tools Online
- Hack Tools For Ubuntu
- Pentest Recon Tools
- Hacker Tools 2019
- How To Install Pentest Tools In Ubuntu
- Hack And Tools
- Best Hacking Tools 2020
- World No 1 Hacker Software
- Pentest Reporting Tools
- Hacker Hardware Tools
- Hacker Tools Hardware
- Hackers Toolbox
- Pentest Tools Alternative
- Hacker Techniques Tools And Incident Handling
- Hacker Tools Free
- Pentest Tools
- Hak5 Tools
- Hacker Tools
- Pentest Tools Port Scanner
- Blackhat Hacker Tools
- Pentest Tools Linux
- Hack And Tools
- Hacking Tools Download
- Hacking Tools Usb
- Hacker Security Tools
- Physical Pentest Tools
- New Hacker Tools
- Pentest Tools Port Scanner
- Hack App
- Hack Tools For Mac
- Hack Tools Download
- Pentest Tools Website
- Hack Rom Tools
- Hacking Tools 2019
- Pentest Tools Kali Linux
- Hacking Tools For Games
- Hak5 Tools
- Github Hacking Tools
- Nsa Hacker Tools
- Hack Tools Online
- Hacking Tools Free Download
- Hacker Search Tools
- New Hack Tools
- Pentest Tools Kali Linux
- Pentest Tools For Android
- Hack Tools Online
- Github Hacking Tools
- Pentest Tools Framework
- Pentest Tools Find Subdomains
- Hack Tools 2019
- Nsa Hack Tools Download
- How To Install Pentest Tools In Ubuntu
- Pentest Tools Open Source
- Hack Tools Pc
- Nsa Hack Tools Download
- Pentest Tools Website
- Pentest Tools For Mac
- Pentest Tools Linux
- New Hacker Tools
- Hacker Tools Apk Download
- Pentest Recon Tools
- Hacking Tools For Mac
- Hacker Security Tools
- Pentest Box Tools Download
- Hacking Tools For Games
- Hacker Tools 2020
- Pentest Tools Kali Linux
- Hack Tools For Games
- How To Install Pentest Tools In Ubuntu
- Hacker Tools Free
- Hack Tools For Mac
- Hack App
- Pentest Tools Port Scanner
- Hacker Tool Kit
- Hacker Techniques Tools And Incident Handling
- Hacker Tools For Pc
- Hackrf Tools
- Hacker Tools Mac
- Hacking Tools Windows 10
- Hackrf Tools
- How To Install Pentest Tools In Ubuntu
- Pentest Tools For Windows
- Pentest Tools Android
- Nsa Hacker Tools
- Hack Apps
Nessun commento:
Posta un commento