Rapid7 Vulnerability & Exploit Database

Windows Gather Active Directory Computers

Back to Search

Windows Gather Active Directory Computers

Created
05/30/2018

Description

This module will enumerate computers in the default AD directory. Optional Attributes to use in ATTRIBS: objectClass, cn, description, distinguishedName, instanceType, whenCreated, whenChanged, uSNCreated, uSNChanged, name, objectGUID, userAccountControl, badPwdCount, codePage, countryCode, badPasswordTime, lastLogoff, lastLogon, localPolicyFlags, pwdLastSet, primaryGroupID, objectSid, accountExpires, logonCount, sAMAccountName, sAMAccountType, operatingSystem, operatingSystemVersion, operatingSystemServicePack, serverReferenceBL, dNSHostName, rIDSetPreferences, servicePrincipalName, objectCategory, netbootSCPBL, isCriticalSystemObject, frsComputerReferenceBL, lastLogonTimestamp, msDS-SupportedEncryptionTypes ActiveDirectory has a MAX_SEARCH limit of 1000 by default. Split search up if you hit that limit. Possible filters: (objectClass=computer) # All Computers (primaryGroupID=516) # All Domain Controllers (&(objectCategory=computer)(operatingSystem=*server*)) # All Servers

Author(s)

  • Ben Campbell <eat_meatballs@hotmail.co.uk>

Platform

Windows

Development

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.

– Jim O’Gorman | President, Offensive Security

;