Enumeration - Powerview
This is after loading Poweview into the machine.
Some terms so you dont forget:
GPO: A Group Policy Object (GPO) is a group of settings that are created using the Microsoft Management Console (MMC) Group Policy Editor. GPOs can be associated with a single or numerous Active Directory containers, including sites, domains, or organizational units (OUs). The MMC allows users to create GPOs that define registry-based policies, security options, software installation and much more.
OU: organizational units so basically groups that belong to an organization.
ACLs: In Active Directory, access control lists are tables, or simple lists, that define the trustees who have access to the object in question, and also what type of access they have.
User Enumeration
Enumerating samaccount names
Enumerating Descriptions
This could be passwords or tasks.
Enumerating Groups
Look for weird ones in the bottom.
If we want to look specifically for a certain user and what part of a group that person is in.
Enumerating Group Itself
Enumerating Group Policy Objects
Look to see exploitable ones.
Enumerating ACLs
Look for GENERIC WRITE and Generic ALL for weird ones.
Take a look at this, you see how the mayorsec\Sales group has complete GenericALL on the ACL that affects the Engineering group. This means that if we are indeed part of the sales group, we could do multiple things to abuse those ACLs.
We see the memners of this said group who has write access to the Engineering Group.
Now notice that this user was able to add and delete users from that group.
So we could possibly abuse this to add ourselves to groups who have higher access than ours.
Enumerating Computers
Last updated
