Comments (6)
vletoux
commented on August 25, 2024
I can only check if everyone has "read all extended rights" or "read on ms-mcs-admpwd" and show people having similar rights in the delegation section
from pingcastle.
cnotin
commented on August 25, 2024
Yes either by analyzing the ACLs, or simply checking if read works...
from pingcastle.
vletoux
commented on August 25, 2024
You cannot check if read works.
Because this is equivalent to know if the user launching pingcastle is part
of a local (and delegated) admin group.
This is an undecidable problem
Le sam. 1 août 2020 à 23:32, Clément Notin <[email protected]> a
écrit :
… Yes either by analyzing the ACLs, or simply checking if read works...
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#50 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACRDZBQKLOP4ZBE2SEQM65LR6SCXTANCNFSM4PQQ5FUQ>
.
--
---
Vincent
from pingcastle.
cnotin
commented on August 25, 2024
Well the LDAP request I suggested above works when the user collecting the data has the rights on some OUs :)
from pingcastle.
vletoux
commented on August 25, 2024
I've added the read ms-mcs-admpwd to the list of delegations to check
It appears also in the list
This is the maximum I can do, retrieving object with this property set will imply the retrieval of all objects (when running under admin control). This will impact the speed of the report and the info retrieved is hard to interpret
from pingcastle.
cnotin
commented on August 25, 2024
That's still progress thanks 👍
"retrieving object with this property set will imply the retrieval of all objects (when running under admin control)"
Yes I agree.. And since you can't know if the current user is admin or not, or should have legitimate access to those or not, it's hard to decide!
from pingcastle.
Related Issues (20)
- Increase points for "Check if authentication certificate templates allow users to control the subject" ? HOT 2
- GPO from forest root domain doesn't seem to be detected at child domains
- GPO Group Member/Regestry/Preference with targeting
- DHCP Admin group
- Missing Vuln Cert Template check for Domain Computers
- Question regarding TrustedToAuthenticateForDelegation
- Cannot add multiple HoneyPot Exclusions with DistinguishedName HOT 1
- runnning on AD Explorer snapshot HOT 1
- Feature Request: Add flag to specify alternate output path HOT 1
- Reported control path does not seem exploitable HOT 2
- Example Report HOT 1
- Bug: Certificate-based authentication (P12) with --azuread fails HOT 1
- BUG : AzureAD - Check if users can consent to any app HOT 1
- [Rules ] "The audit policy on domain controllers" - auditpol.exe HOT 1
- RiskRule A-DnsZoneUpdate2 finds DNS Zones that does not exist? HOT 1
- Getting error while running audit on azure ad HOT 1
- Score balancing
- A-DC-Coerce detection differences
- Windows 10 21H2 LTSC is reported as obsolete OS
- P-RODCAdminRevealed doesnt seem to be accurate.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pingcastle.