Twitter Updates

    follow me on Twitter

    List for 4.5% and get 1% cash back on your purchase

    Tuesday, August 25, 2020

    Goddi (Go Dump Domain Info) - Dumps Active Directory Domain Information



    Based on work from Scott Sutherland (@_nullbind), Antti Rantasaari, Eric Gruber (@egru), Will Schroeder (@harmj0y), and the PowerView authors.

    Install
    Use the executables in the releases section. If you want to build it yourself, make sure that your go environment is setup according to the Go setup doc. The goddi package also uses the below package.
    go get gopkg.in/ldap.v2

    Windows
    Tested on Windows 10 and 8.1 (go1.10 windows/amd64).

    Linux
    Tested on Kali Linux (go1.10 linux/amd64).
    • umount, mount, and cifs-utils need to be installed for mapping a share for GetGPP
    apt-get update
    apt-get install -y mount cifs-utils
    • make sure nothing is mounted at /mnt/goddi/
    • make sure to run with sudo

    Run
    When run, will default to using TLS (tls.Client method) over 636. On Linux, make sure to run with sudo.
    • username: Target user. Required parameter.
    • password: Target user's password. Required parameter.
    • domain: Full domain name. Required parameter.
    • dc: DC to target. Can be either an IP or full hostname. Required parameter.
    • startTLS: Use to StartTLS over 389.
    • unsafe: Use for a plaintext connection.
    PS C:\Users\Administrator\Desktop> .\godditest-windows-amd64.exe -username=testuser -password="testpass!" -domain="test.local" -dc="dc.test.local" -unsafe
    [i] Begin PLAINTEXT LDAP connection to 'dc.test.local'...
    [i] PLAINTEXT LDAP connection to 'dc.test.local' successful...
    [i] Begin BIND...
    [i] BIND with 'testuser' successful...
    [i] Begin dump domain info...
    [i] Domain Trusts: 1 found
    [i] Domain Controllers: 1 found
    [i] Users: 12 found
    [*] Warning: keyword 'pass' found!
    [*] Warning: keyword 'fall' found!
    [i] Domain Admins: 4 users found
    [i] Enterprise Admins: 1 users found
    [i] Forest Admins: 0 users found
    [i] Locked Users: 0 found
    [i] Disabled Users: 2 found
    [i] Groups: 45 found
    [i] Domain Sites: 1 found
    [i] Domain Subnets: 0 found
    [i] Domain Computers: 17 found
    [i] Deligated Users: 0 found
    [i] Users with passwords not set to expire: 6 found
    [i] Machine Accounts with passwords older than 45 days: 18 found
    [i] Domain OUs: 8 found
    [i] Domain Account Policy found
    [i] Domain GPOs: 7 found
    [i] FSMO Roles: 3 found
    [i] SPNs: 122 found
    [i] LAPS passwords: 0 found
    [i] GPP enumeration starting. This can take a bit...
    [i] GPP passwords: 7 found
    [i] CSVs written to 'csv' directory in C:\Users\Administrator\Desktop
    [i] Execution took 1.4217256s...
    [i] Exiting...

    Functionality
    StartTLS and TLS (tls.Client func) connections supported. Connections over TLS are default. All output goes to CSVs and are created in /csv/ in the current working directory. Dumps:
    • Domain users. Also searches Description for keywords and prints to a seperate csv ex. "Password" was found in the domain user description.
    • Users in priveleged user groups (DA, EA, FA).
    • Users with passwords not set to expire.
    • User accounts that have been locked or disabled.
    • Machine accounts with passwords older than 45 days.
    • Domain Computers.
    • Domain Controllers.
    • Sites and Subnets.
    • SPNs and includes csv flag if domain admin (a flag to note SPNs that are DAs in the SPN CSV output).
    • Trusted domain relationships.
    • Domain Groups.
    • Domain OUs.
    • Domain Account Policy.
    • Domain deligation users.
    • Domain GPOs.
    • Domain FSMO roles.
    • LAPS passwords.
    • GPP passwords. On Windows, defaults to mapping Q. If used, will try another mapping until success R, S, etc... On Linux, /mnt/goddi is used.


    More information


    No comments:

    Post a Comment

    Home for sale- $2,000 rebate!

    Ready Real Estate slide show

    Become a fan of my page

    Sheree Dutton, Reatlor, DFW, Texas on Facebook
    Powered By Blogger

    Pandora Faves

    Back on the market, price reduced, 1% cash back rebate offered

    Sheree Dutton | Ready Real Estate | 817-975-0461
    222 Birchwood, Azle, TX
    Back on the market, price reduced and 15 cash back rebate offered!
    3BR/2BA Single Family House
    offered at $102,500
    Year Built 2006
    Sq Footage 1,142
    Bedrooms 3
    Bathrooms 2 full, 0 partial
    Floors 1
    Parking 3 Covered spaces
    Lot Size .225 acres
    HOA/Maint $0 per month

    DESCRIPTION


    Wow, talk about pride of ownership! This house has too many upgrades to count, and is so well cared for. You must see it to believe it! A lot of value in this perfect starter home.

    OPEN HOUSE SUNDAY MAY 3RD 2+5 pm

    see additional photos below
    PROPERTY FEATURES

    - Central A/C - Central heat - Fireplace
    - High/Vaulted ceiling - Walk-in closet - Tile floor
    - Living room - Breakfast nook - Dishwasher
    - Refrigerator - Stove/Oven - Microwave
    - Laundry area - inside - Balcony, Deck, or Patio - Yard

    OTHER SPECIAL FEATURES

    - 1 car garage, covered carport for 2 cars
    - covered wood deck in backyard
    - gutters
    - storage shed
    - newly stained wood fence
    - electric fireplace added, with tile hearth
    - upgraded ceiling fans and light fixtures
    - island in kitchen

    ADDITIONAL PHOTOS


    Fantastic curb appeal

    covered wood deck in back

    living room

    kitchen with island

    breakfast nook

    master bedroom
    Contact info:
    Sheree Dutton
    Ready Real Estate
    817-975-0461
    For sale by agent/broker

    powered by postlets Equal Opportunity Housing
    Posted: Sep 11, 2009, 7:31am PDT

    Blog Archive