all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

LDAP shell - AD ACL Abuse

Add to bookmarks
April 10, 2022, 9:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


This repository contains a small tool inherited from ldap_shell (https://github.com/SecureAuthCorp/impacket/blob/master/impacket/examples/ldap_shell.py).


Installation

These tools are only compatible with Python 3.5+. Clone the repository from GitHub, install the dependencies and you should be good to go:

git clone https://github.com/z-Riocool/ldap_shell.git
cd ldap_shell
python3 setup.py install

Usage

Connection options

ldap_shell domain.local/user:password
ldap_shell domain.local/user:password -dc-ip 192.168.1.2
ldap_shell domain.local/user -hashes aad3b435b51404eeaad3b435b51404ee:aad3b435b51404eeaad3b435b51404e1
export KRB5CCNAME=/home/user/ticket.ccache
ldap_shell -k -no-pass domain.local/user

Functionality

access to the domain object, assign the DS-Replication right to the selected user. del_dcsync user - …

abuse acl ad gpo laps ldap passwords python shell

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

VectorKernel - PoCs For Kernelmode Rootkit Techniques Research 3 hours ago | www.kitploit.com
64bit api education kernel +17
Cookie-Monster - BOF To Steal Browser Cookies & Credentials 1 day, 3 hours ago | www.kitploit.com
cookie-monster passwords processes python +2
NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected 2 days, 3 hours ago | www.kitploit.com
mechanism microsoft mimikatz noargs +3
Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of … 3 days, 3 hours ago | www.kitploit.com
frameless-bitb scanners scripts subdomains +2
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking 3 days, 18 hours ago | www.kitploit.com
analysis beginners cracking infosec +11
Porch-Pirate - The Most Comprehensive Postman Recon / OSINT Client And Framework That Facilitates The … 6 days, 3 hours ago | www.kitploit.com
api api endpoints automated client +20
APKDeepLens - Android Security Insights In Full Spectrum 1 week ago | www.kitploit.com
android security apkdeeplens mobile security vulnerabilities +1
RemoteTLSCallbackInjection - Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A … 1 week, 1 day ago | www.kitploit.com
academy anti-debugging api home +8
Sicat - The Useful Exploit Finder 1 week, 2 days ago | www.kitploit.com
exploit finder metasploit modules reconnaissance sicat

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Program Associate, Cyber Risk

@ Kroll | Toronto, ONT, Canada
View on infosec-jobs.com

Cybersecurity Operations Engineer 2

@ Humana | Remote US
View on infosec-jobs.com

Vice President - Lead Security Engineer (SECS04)

@ JPMorgan Chase & Co. | Columbus, OH, United States
View on infosec-jobs.com

Security Specialist

@ BGIS | Markham, ON, Canada
View on infosec-jobs.com
View more jobs