Description:

abuseACL 1.1.5

A python script to automatically list vulnerable Windows ACEs/ACLs.






Installation
You can install it from pypi (latest version is ) with this command:
sudo python3 -m pip install abuseACL

OR from source :
git clone https://github.com/AetherBlack/abuseACL
cd abuseACL
sudo python3 -m pip install -r requirements.txt
sudo python3 setup.py install

OR with pipx :
python3 -m pipx install git+https://github.com/AetherBlack/abuseACL/

Examples

You want to list vulnerable ACEs/ACLs for the current user :

abuseACL $DOMAIN/$USER:"$PASSWORD"@$TARGET



You want to list vulnerable ACEs/ACLs for another user/computer/group :

abuseACL -principal Aether $DOMAIN/$USER:"$PASSWORD"@$TARGET



You want to list vulnerable ACEs/ACLs for a list of users/computers/groups :

abuseACL -principalsfile accounts.txt $DOMAIN/$USER:"$PASSWORD"@$TARGET

Here is an example of principalsfile content:
Administrateur
Group
aether
Machine$



You want to list vulnerable ACEs/ACLs on Schema or on adminSDHolder :

abuseACL -extends $DOMAIN/$USER:"$PASSWORD"@$TARGET


You can look in the documentation of DACL to find out how to exploit the rights and use dacledit to exploit the ACEs.
How it works
The tool will connect to the DC's LDAP to list users/groups/computers/OU/certificate templates and their nTSecurityDescriptor, which will be parsed to check for vulnerable rights.

Credits

@_nwodtuhs for the helpful DACL documentation
@fortra for developping impacket

License
GNU General Public License v3.0

License

For personal and professional use. You cannot resell or redistribute these repositories in their original state.

Share

• Share on Facebook
• Share on Twitter