module

Windows Gather Active Directory Computers

Try Surface Command
Back to search
Disclosed
N/A
Created
2018-05-30

Description

This module will enumerate computers in the default AD directory.

Optional Attributes to use in ATTRIBS:
objectClass, cn, description, distinguishedName, instanceType, whenCreated,
whenChanged, uSNCreated, uSNChanged, name, objectGUID,
userAccountControl, badPwdCount, codePage, countryCode,
badPasswordTime, lastLogoff, lastLogon, localPolicyFlags,
pwdLastSet, primaryGroupID, objectSid, accountExpires,
logonCount, sAMAccountName, sAMAccountType, operatingSystem,
operatingSystemVersion, operatingSystemServicePack, serverReferenceBL,
dNSHostName, rIDSetPreferences, servicePrincipalName, objectCategory,
netbootSCPBL, isCriticalSystemObject, frsComputerReferenceBL,
lastLogonTimestamp, msDS-SupportedEncryptionTypes

ActiveDirectory has a MAX_SEARCH limit of 1000 by default. Split search up
if you hit that limit.

Possible filters:
(objectClass=computer) # All Computers
(primaryGroupID=516) # All Domain Controllers
(&(objectCategory=computer)(operatingSystem=*server*)) # All Servers

Author

Ben Campbell eat_meatballs@hotmail.co.uk

Platform

Windows

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


    msf > use post/windows/gather/enum_ad_computers
    msf post(enum_ad_computers) > show actions
        ...actions...
    msf post(enum_ad_computers) > set ACTION < action-name >
    msf post(enum_ad_computers) > show options
        ...show and set options...
    msf post(enum_ad_computers) > run
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today