Monday, August 31, 2020

Goddi (Go Dump Domain Info) - Dumps Active Directory Domain Information



Based on work from Scott Sutherland (@_nullbind), Antti Rantasaari, Eric Gruber (@egru), Will Schroeder (@harmj0y), and the PowerView authors.

Install
Use the executables in the releases section. If you want to build it yourself, make sure that your go environment is setup according to the Go setup doc. The goddi package also uses the below package.
go get gopkg.in/ldap.v2

Windows
Tested on Windows 10 and 8.1 (go1.10 windows/amd64).

Linux
Tested on Kali Linux (go1.10 linux/amd64).
  • umount, mount, and cifs-utils need to be installed for mapping a share for GetGPP
apt-get update
apt-get install -y mount cifs-utils
  • make sure nothing is mounted at /mnt/goddi/
  • make sure to run with sudo

Run
When run, will default to using TLS (tls.Client method) over 636. On Linux, make sure to run with sudo.
  • username: Target user. Required parameter.
  • password: Target user's password. Required parameter.
  • domain: Full domain name. Required parameter.
  • dc: DC to target. Can be either an IP or full hostname. Required parameter.
  • startTLS: Use to StartTLS over 389.
  • unsafe: Use for a plaintext connection.
PS C:\Users\Administrator\Desktop> .\godditest-windows-amd64.exe -username=testuser -password="testpass!" -domain="test.local" -dc="dc.test.local" -unsafe
[i] Begin PLAINTEXT LDAP connection to 'dc.test.local'...
[i] PLAINTEXT LDAP connection to 'dc.test.local' successful...
[i] Begin BIND...
[i] BIND with 'testuser' successful...
[i] Begin dump domain info...
[i] Domain Trusts: 1 found
[i] Domain Controllers: 1 found
[i] Users: 12 found
        [*] Warning: keyword 'pass' found!
        [*] Warning: keyword 'fall' found!
[i] Domain Admins: 4 users found
[i] Enterprise Admins: 1 users found
[i] Forest Admins: 0 users found
[i] Locked Users: 0 found
[i] Disabled Users: 2 found
[i] Groups: 45 found
[i] Domain Sites: 1 found
[i] Domain Subnets: 0 found
[i] Domain Computers: 17 found
[i] Deligated Users: 0 found
[i] Users with passwords not set to expire: 6 found
[i] Machine Accounts with passwords older than 45 days: 18 found
[i] Domain OUs: 8 found
[i] Domain Account Policy found
[i] Domain GPOs: 7 found
[i] FSMO Roles: 3 found
[i] SPNs: 122 found
[i] LAPS passwords: 0 found
[i] GPP enumeration starting. This can take a bit...
[i] GPP passwords: 7 found
[i] CSVs written to 'csv' directory in C:\Users\Administrator\Desktop
[i] Execution took 1.4217256s...
[i] Exiting...

Functionality
StartTLS and TLS (tls.Client func) connections supported. Connections over TLS are default. All output goes to CSVs and are created in /csv/ in the current working directory. Dumps:
  • Domain users. Also searches Description for keywords and prints to a seperate csv ex. "Password" was found in the domain user description.
  • Users in priveleged user groups (DA, EA, FA).
  • Users with passwords not set to expire.
  • User accounts that have been locked or disabled.
  • Machine accounts with passwords older than 45 days.
  • Domain Computers.
  • Domain Controllers.
  • Sites and Subnets.
  • SPNs and includes csv flag if domain admin (a flag to note SPNs that are DAs in the SPN CSV output).
  • Trusted domain relationships.
  • Domain Groups.
  • Domain OUs.
  • Domain Account Policy.
  • Domain deligation users.
  • Domain GPOs.
  • Domain FSMO roles.
  • LAPS passwords.
  • GPP passwords. On Windows, defaults to mapping Q. If used, will try another mapping until success R, S, etc... On Linux, /mnt/goddi is used.


Related links


  1. Pentest Tools Alternative
  2. Hacker Techniques Tools And Incident Handling
  3. Pentest Tools Review
  4. Hack Apps
  5. Hacks And Tools
  6. Pentest Tools Windows
  7. How To Hack
  8. Pentest Tools Linux
  9. Hack Tools Pc
  10. Pentest Tools Bluekeep
  11. Hacking Tools Windows
  12. Hacking Tools For Kali Linux
  13. Pentest Tools Website Vulnerability
  14. Pentest Recon Tools
  15. Tools 4 Hack
  16. Black Hat Hacker Tools
  17. Hacking Tools For Windows
  18. How To Make Hacking Tools
  19. Pentest Tools Windows
  20. Hacker
  21. Best Pentesting Tools 2018
  22. Hack Tools For Pc
  23. Hack App
  24. Hacker Tools Online
  25. Hack Tool Apk
  26. Underground Hacker Sites
  27. Wifi Hacker Tools For Windows
  28. Pentest Tools Open Source
  29. Hacker Tools Github
  30. Pentest Tools Website Vulnerability
  31. Hack Tools For Mac
  32. Hackrf Tools
  33. Pentest Tools Kali Linux
  34. How To Install Pentest Tools In Ubuntu
  35. Game Hacking
  36. Hacking Tools For Pc
  37. Usb Pentest Tools
  38. Pentest Tools Linux
  39. Hacking Tools For Games
  40. Hack Tools For Ubuntu
  41. Tools For Hacker
  42. Hacker
  43. Hack Apps
  44. Pentest Tools Tcp Port Scanner
  45. Pentest Tools Subdomain
  46. Nsa Hack Tools
  47. Hacking Tools For Beginners
  48. Hacking Tools For Beginners
  49. Hacker Tools Github
  50. Tools For Hacker
  51. Nsa Hack Tools Download
  52. Hacker Tools Hardware
  53. Easy Hack Tools
  54. Pentest Tools Tcp Port Scanner
  55. Hacker Tools Online
  56. Hacker Tools For Mac
  57. Hack Tools For Games
  58. Hacking Tools For Mac
  59. Hacker Tools Mac
  60. Pentest Tools Bluekeep
  61. Pentest Tools Port Scanner
  62. Pentest Tools Find Subdomains
  63. Hack Tools For Ubuntu
  64. Hacking Tools For Games
  65. Pentest Tools List
  66. Hacking Tools For Pc
  67. Hack Apps
  68. Hack Tools
  69. Hacking Tools For Pc
  70. Growth Hacker Tools
  71. Bluetooth Hacking Tools Kali
  72. Hacking Tools For Mac
  73. Pentest Tools Windows
  74. Hacker Techniques Tools And Incident Handling
  75. Hacking Apps
  76. Hackrf Tools
  77. Hack Tools For Games
  78. Hacker Tools For Pc
  79. Tools For Hacker
  80. Hacking Tools 2020
  81. Github Hacking Tools
  82. Computer Hacker
  83. Hack Tools Pc
  84. Ethical Hacker Tools
  85. Hacker Tools For Pc
  86. Pentest Tools List
  87. Tools 4 Hack
  88. Hacking App
  89. Pentest Tools Url Fuzzer
  90. Hack Tools Download
  91. Game Hacking
  92. Computer Hacker
  93. Usb Pentest Tools
  94. Kik Hack Tools
  95. Hacking Tools For Windows 7
  96. Pentest Tools For Android
  97. Hack Tools For Windows
  98. Hacking Tools For Windows
  99. Hacker Tools Github
  100. Hacker Techniques Tools And Incident Handling
  101. Computer Hacker
  102. Best Hacking Tools 2020
  103. What Is Hacking Tools
  104. Kik Hack Tools
  105. Pentest Tools Open Source
  106. Hacker Tools For Windows
  107. Hack Tools 2019
  108. Beginner Hacker Tools
  109. Hacker Tools For Ios
  110. Hacking Tools For Windows Free Download
  111. Pentest Tools Apk
  112. Wifi Hacker Tools For Windows
  113. Hacking Tools
  114. Best Hacking Tools 2019
  115. Pentest Tools For Windows
  116. Hack Tools Download
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)