Based on work from Scott Sutherland (@_nullbind), Antti Rantasaari, Eric Gruber (@egru), Will Schroeder (@harmj0y), and the PowerView authors.
Install
Use the executables in the releases section. If you want to build it yourself, make sure that your go environment is setup according to the Go setup doc. The goddi package also uses the below package.
go get gopkg.in/ldap.v2Windows
Tested on Windows 10 and 8.1 (go1.10 windows/amd64).
Linux
Tested on Kali Linux (go1.10 linux/amd64).
- umount, mount, and cifs-utils need to be installed for mapping a share for GetGPP
apt-get update
apt-get install -y mount cifs-utils- make sure nothing is mounted at /mnt/goddi/
- make sure to run with
sudo
Run
When run, will default to using TLS (tls.Client method) over 636. On Linux, make sure to run with
sudo.- username: Target user. Required parameter.
- password: Target user's password. Required parameter.
- domain: Full domain name. Required parameter.
- dc: DC to target. Can be either an IP or full hostname. Required parameter.
- startTLS: Use to StartTLS over 389.
- unsafe: Use for a plaintext connection.
PS C:\Users\Administrator\Desktop> .\godditest-windows-amd64.exe -username=testuser -password="testpass!" -domain="test.local" -dc="dc.test.local" -unsafe
[i] Begin PLAINTEXT LDAP connection to 'dc.test.local'...
[i] PLAINTEXT LDAP connection to 'dc.test.local' successful...
[i] Begin BIND...
[i] BIND with 'testuser' successful...
[i] Begin dump domain info...
[i] Domain Trusts: 1 found
[i] Domain Controllers: 1 found
[i] Users: 12 found
[*] Warning: keyword 'pass' found!
[*] Warning: keyword 'fall' found!
[i] Domain Admins: 4 users found
[i] Enterprise Admins: 1 users found
[i] Forest Admins: 0 users found
[i] Locked Users: 0 found
[i] Disabled Users: 2 found
[i] Groups: 45 found
[i] Domain Sites: 1 found
[i] Domain Subnets: 0 found
[i] Domain Computers: 17 found
[i] Deligated Users: 0 found
[i] Users with passwords not set to expire: 6 found
[i] Machine Accounts with passwords older than 45 days: 18 found
[i] Domain OUs: 8 found
[i] Domain Account Policy found
[i] Domain GPOs: 7 found
[i] FSMO Roles: 3 found
[i] SPNs: 122 found
[i] LAPS passwords: 0 found
[i] GPP enumeration starting. This can take a bit...
[i] GPP passwords: 7 found
[i] CSVs written to 'csv' directory in C:\Users\Administrator\Desktop
[i] Execution took 1.4217256s...
[i] Exiting...Functionality
StartTLS and TLS (tls.Client func) connections supported. Connections over TLS are default. All output goes to CSVs and are created in /csv/ in the current working directory. Dumps:
- Domain users. Also searches Description for keywords and prints to a seperate csv ex. "Password" was found in the domain user description.
- Users in priveleged user groups (DA, EA, FA).
- Users with passwords not set to expire.
- User accounts that have been locked or disabled.
- Machine accounts with passwords older than 45 days.
- Domain Computers.
- Domain Controllers.
- Sites and Subnets.
- SPNs and includes csv flag if domain admin (a flag to note SPNs that are DAs in the SPN CSV output).
- Trusted domain relationships.
- Domain Groups.
- Domain OUs.
- Domain Account Policy.
- Domain deligation users.
- Domain GPOs.
- Domain FSMO roles.
- LAPS passwords.
- GPP passwords. On Windows, defaults to mapping Q. If used, will try another mapping until success R, S, etc... On Linux, /mnt/goddi is used.
Continue reading
- Pentest Tools Download
- Hacking Tools Online
- Hacking Tools For Windows Free Download
- Pentest Tools Download
- Hacking Tools Pc
- Hacker Tools
- Hack Rom Tools
- Hack Tools Download
- Pentest Tools Bluekeep
- Hack Tools Download
- Hack Tools
- Hacker Tools Online
- Pentest Tools For Android
- Hack Tools
- Pentest Tools Linux
- Best Hacking Tools 2019
- Tools Used For Hacking
- Hack Tools
- Hacking Tools Kit
- Free Pentest Tools For Windows
- How To Make Hacking Tools
- Hack Tools For Pc
- Pentest Tools Review
- Hacker Hardware Tools
- Hak5 Tools
- Pentest Tools For Ubuntu
- Tools Used For Hacking
- Pentest Tools For Ubuntu
- Hacking Tools For Kali Linux
- Hack Tools For Ubuntu
- Hacking Tools Pc
- Hack App
- Pentest Tools Website Vulnerability
- Hacker
- Pentest Tools Website Vulnerability
- Beginner Hacker Tools
- Hack Apps
- Hacker Tools Linux
- Pentest Tools Android
- Termux Hacking Tools 2019
- Pentest Tools Port Scanner
- Pentest Tools Windows
- Pentest Box Tools Download
- Tools For Hacker
- Hacking Tools For Windows Free Download
- Pentest Tools Open Source
- Best Pentesting Tools 2018
- Tools Used For Hacking
- Termux Hacking Tools 2019
- Nsa Hack Tools
- Game Hacking
- Pentest Tools List
- Pentest Tools Framework
- Hacker Tools Online
- Free Pentest Tools For Windows
- What Are Hacking Tools
- Hack Tools Mac
- Hacking Tools Windows 10
- Hack Tools Mac
- Pentest Tools Website
- Hack Website Online Tool
- Hak5 Tools
- What Is Hacking Tools
- Hack Tools For Pc
- Pentest Tools For Windows
- Hack Tools Download
- Hacking Tools For Windows 7
- Hacker Tools Mac
- Hacker Tools Free Download
- Pentest Tools Apk
- Hacking Tools Windows 10
- Pentest Tools List
- Hacking Tools Kit
- Pentest Tools Website
- Pentest Tools For Ubuntu
- Hack Website Online Tool
- World No 1 Hacker Software
- Pentest Tools Port Scanner
- Hacker Tools List
- Hack Tools 2019
- Pentest Tools For Ubuntu
- Pentest Tools Find Subdomains
- Pentest Tools Framework
- Growth Hacker Tools
- Hak5 Tools
- Hack Tools
- Hack Tools Mac
- Pentest Reporting Tools
- Hacking Tools For Beginners
- Hacker Security Tools
- Hack Tools For Windows
- Hacker Tool Kit
- Pentest Tools For Ubuntu
- Install Pentest Tools Ubuntu
- Hacker Tools For Pc
- How To Hack
- Pentest Tools Subdomain
- How To Install Pentest Tools In Ubuntu
- Bluetooth Hacking Tools Kali
- Hackrf Tools
- Hacking Tools For Windows
- Hacking Tools For Windows Free Download
- Blackhat Hacker Tools
No comments:
Post a Comment