Following on from the previous Active Directory Kung-Fu post, I thought I would add a few more things that could be useful on a Pentest.
The tools used are not installed on a standard XP build and will have to be downloaded from Microsoft and installed.
First off, get the 2 new tools: AdminPack and Group Policy Management.
http://www.microsoft.com/en-us/download/details.aspx?id=16770 – Admin Pack for XP
http://www.microsoft.com/en-us/download/details.aspx?id=21895 – Group Policy Management for XP
Extract and install the Admin Pack and install gpmc.msi.
Once these 2 tools are installed, you will find that there are new GUI tools.
Continue reading “Easily Find Domain Controllers – More Active Directory Kung-Fu”
I wrote this Metasploit post module to search for and download files from compromised hosts.
Initial credit to @3vilJohn whose module inspired this. http://johnbabio.wordpress.com
It searches open Metasploit SESSIONS for Word, Excel and PDF files, plus any user-specified file types.
It can also enumerate and search specified drives, using a bit of Railgun Kung-Fu from Mubix, aka http://www.room362.com
You can set the dump location for the downloaded files and even attempt to elevate privileges with a Get_System function, which is useful when you’re in as an unprivileged user.
Here are some screenshots of it in action:
Continue reading “Metasploit POST Module – Interesting Documents Finder”