0 purchases
Description:
abuseACL 1.1.5
A python script to automatically list vulnerable Windows ACEs/ACLs.
Installation
You can install it from pypi (latest version is ) with this command:
sudo python3 -m pip install abuseACL
OR from source :
git clone https://github.com/AetherBlack/abuseACL
cd abuseACL
sudo python3 -m pip install -r requirements.txt
sudo python3 setup.py install
OR with pipx :
python3 -m pipx install git+https://github.com/AetherBlack/abuseACL/
Examples
You want to list vulnerable ACEs/ACLs for the current user :
abuseACL $DOMAIN/$USER:"$PASSWORD"@$TARGET
You want to list vulnerable ACEs/ACLs for another user/computer/group :
abuseACL -principal Aether $DOMAIN/$USER:"$PASSWORD"@$TARGET
You want to list vulnerable ACEs/ACLs for a list of users/computers/groups :
abuseACL -principalsfile accounts.txt $DOMAIN/$USER:"$PASSWORD"@$TARGET
Here is an example of principalsfile content:
Administrateur
Group
aether
Machine$
You want to list vulnerable ACEs/ACLs on Schema or on adminSDHolder :
abuseACL -extends $DOMAIN/$USER:"$PASSWORD"@$TARGET
You can look in the documentation of DACL to find out how to exploit the rights and use dacledit to exploit the ACEs.
How it works
The tool will connect to the DC's LDAP to list users/groups/computers/OU/certificate templates and their nTSecurityDescriptor, which will be parsed to check for vulnerable rights.
Credits
@_nwodtuhs for the helpful DACL documentation
@fortra for developping impacket
License
GNU General Public License v3.0
License
For personal and professional use. You cannot resell or redistribute these repositories in their original state.
Customer Reviews
There are no reviews.
