Vulnerability & Exploit Database

Back to search

Windows Gather Active Directory Computers

This module will enumerate computers in the default AD directory. Optional Attributes to use in ATTRIBS: objectClass, cn, description, distinguishedName, instanceType, whenCreated, whenChanged, uSNCreated, uSNChanged, name, objectGUID, userAccountControl, badPwdCount, codePage, countryCode, badPasswordTime, lastLogoff, lastLogon, localPolicyFlags, pwdLastSet, primaryGroupID, objectSid, accountExpires, logonCount, sAMAccountName, sAMAccountType, operatingSystem, operatingSystemVersion, operatingSystemServicePack, serverReferenceBL, dNSHostName, rIDSetPreferences, servicePrincipalName, objectCategory, netbootSCPBL, isCriticalSystemObject, frsComputerReferenceBL, lastLogonTimestamp, msDS-SupportedEncryptionTypes ActiveDirectory has a MAX_SEARCH limit of 1000 by default. Split search up if you hit that limit. Possible filters: (objectClass=computer) # All Computers (primaryGroupID=516) # All Domain Controllers (&(objectCategory=computer)(operatingSystem=*server*)) # All Servers

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name



  • Ben Campbell <eat_meatballs [at]>



  • windows



Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use post/windows/gather/enum_ad_computers msf post(enum_ad_computers) > sessions ...sessions... msf post(enum_ad_computers) > set SESSION <session-id> msf post(enum_ad_computers) > show options and set options... msf post(enum_ad_computers) > run