Based on work from Scott Sutherland (@_nullbind), Antti Rantasaari, Eric Gruber (@egru), Will Schroeder (@harmj0y), and the PowerView authors.
Install
Use the executables in the releases section. If you want to build it yourself, make sure that your go environment is setup according to the Go setup doc. The goddi package also uses the below package.
go get gopkg.in/ldap.v2Windows
Tested on Windows 10 and 8.1 (go1.10 windows/amd64).
Linux
Tested on Kali Linux (go1.10 linux/amd64).
- umount, mount, and cifs-utils need to be installed for mapping a share for GetGPP
apt-get update
apt-get install -y mount cifs-utils- make sure nothing is mounted at /mnt/goddi/
- make sure to run with
sudo
Run
When run, will default to using TLS (tls.Client method) over 636. On Linux, make sure to run with
sudo.- username: Target user. Required parameter.
- password: Target user's password. Required parameter.
- domain: Full domain name. Required parameter.
- dc: DC to target. Can be either an IP or full hostname. Required parameter.
- startTLS: Use to StartTLS over 389.
- unsafe: Use for a plaintext connection.
PS C:\Users\Administrator\Desktop> .\godditest-windows-amd64.exe -username=testuser -password="testpass!" -domain="test.local" -dc="dc.test.local" -unsafe
[i] Begin PLAINTEXT LDAP connection to 'dc.test.local'...
[i] PLAINTEXT LDAP connection to 'dc.test.local' successful...
[i] Begin BIND...
[i] BIND with 'testuser' successful...
[i] Begin dump domain info...
[i] Domain Trusts: 1 found
[i] Domain Controllers: 1 found
[i] Users: 12 found
[*] Warning: keyword 'pass' found!
[*] Warning: keyword 'fall' found!
[i] Domain Admins: 4 users found
[i] Enterprise Admins: 1 users found
[i] Forest Admins: 0 users found
[i] Locked Users: 0 found
[i] Disabled Users: 2 found
[i] Groups: 45 found
[i] Domain Sites: 1 found
[i] Domain Subnets: 0 found
[i] Domain Computers: 17 found
[i] Deligated Users: 0 found
[i] Users with passwords not set to expire: 6 found
[i] Machine Accounts with passwords older than 45 days: 18 found
[i] Domain OUs: 8 found
[i] Domain Account Policy found
[i] Domain GPOs: 7 found
[i] FSMO Roles: 3 found
[i] SPNs: 122 found
[i] LAPS passwords: 0 found
[i] GPP enumeration starting. This can take a bit...
[i] GPP passwords: 7 found
[i] CSVs written to 'csv' directory in C:\Users\Administrator\Desktop
[i] Execution took 1.4217256s...
[i] Exiting...Functionality
StartTLS and TLS (tls.Client func) connections supported. Connections over TLS are default. All output goes to CSVs and are created in /csv/ in the current working directory. Dumps:
- Domain users. Also searches Description for keywords and prints to a seperate csv ex. "Password" was found in the domain user description.
- Users in priveleged user groups (DA, EA, FA).
- Users with passwords not set to expire.
- User accounts that have been locked or disabled.
- Machine accounts with passwords older than 45 days.
- Domain Computers.
- Domain Controllers.
- Sites and Subnets.
- SPNs and includes csv flag if domain admin (a flag to note SPNs that are DAs in the SPN CSV output).
- Trusted domain relationships.
- Domain Groups.
- Domain OUs.
- Domain Account Policy.
- Domain deligation users.
- Domain GPOs.
- Domain FSMO roles.
- LAPS passwords.
- GPP passwords. On Windows, defaults to mapping Q. If used, will try another mapping until success R, S, etc... On Linux, /mnt/goddi is used.
- Hacking Tools Kit
- Hacker Techniques Tools And Incident Handling
- Hack Tools For Mac
- Pentest Tools Free
- Pentest Tools Website
- Hacking Tools For Kali Linux
- Hack Tools For Games
- Hack Rom Tools
- Top Pentest Tools
- Hacking Apps
- Hacking Tools For Windows 7
- Hacking Tools
- Pentest Tools
- Usb Pentest Tools
- Pentest Tools List
- Pentest Tools Free
- Hacker Tools Apk Download
- Kik Hack Tools
- Pentest Tools Find Subdomains
- Hacker Tools For Windows
- Hack Tool Apk No Root
- Pentest Tools Framework
- Hacking Tools For Beginners
- Beginner Hacker Tools
- Pentest Tools Url Fuzzer
- Hacking Tools For Games
- Hacking Tools Name
- Hack Tools 2019
- Easy Hack Tools
- Tools Used For Hacking
- Pentest Tools Free
- Black Hat Hacker Tools
- Hacker Search Tools
- Hacker Tools For Pc
- Hacker Tools Free Download
- Pentest Tools For Android
- Hacking Tools For Windows
- Hacker Tools Free Download
- Hacking Tools For Kali Linux
- Hacking Tools And Software
- What Are Hacking Tools
- Hack Tools Pc
- Hacker Tools Free Download
- Hacking Tools For Windows
- Hacker Tools Free Download
- How To Make Hacking Tools
- Termux Hacking Tools 2019
- Hack Website Online Tool
- Hacker Tools Hardware
- Hack Tools For Ubuntu
- Physical Pentest Tools
- Hacking Tools For Pc
- Computer Hacker
- Nsa Hacker Tools
- Hacker Tools Software
- Tools 4 Hack
- Pentest Tools Subdomain
- Hacking Tools 2019
- Tools 4 Hack
- Pentest Tools Open Source
- Hacker Tools Online
- Black Hat Hacker Tools
- Hacking Tools 2020
- Hacking Tools For Windows Free Download
- Hacker Tools Software
- Pentest Tools Alternative
- Hacking Tools Pc
- Hacker Tools Windows
- Pentest Tools Free
- Pentest Tools Open Source
- Hacking Tools And Software
- Pentest Tools Online
- Hacking Tools For Games
- Hacking Tools For Beginners
- How To Install Pentest Tools In Ubuntu
- Pentest Recon Tools
- Hacking Tools For Beginners
- How To Hack
- Hacker Tools Apk Download
- Pentest Automation Tools
- Hacker Tools Free Download
- Pentest Tools Download
- Tools Used For Hacking
- Hacking Tools Usb
- Growth Hacker Tools
- Hacking Tools For Beginners
- Pentest Tools Open Source
- Tools Used For Hacking
- Hack Apps
- Hack Tools For Ubuntu
- Hacker Search Tools
- Hacking Tools
- Best Hacking Tools 2020
- Hacker
- Hacker Tools Windows
- Hacking Tools Hardware
- Hacker Tool Kit
- Github Hacking Tools
- Pentest Tools For Mac
- Termux Hacking Tools 2019
- Usb Pentest Tools
- Tools 4 Hack
- Hacker Tools Hardware
- Physical Pentest Tools
- Usb Pentest Tools
- World No 1 Hacker Software
- Hacker Tools Github
No comments:
Post a Comment