Feature Description
GPOs can assign user rights and grant SE privileges on domain controllers. While this may not be a common configuration, I have encountered at least one instance where a standard user was granted the SeTakeOwnershipPrivilege. This privilege allows the user to take ownership of various objects, including Active Directory objects, potentially leading to a full compromise of the Active Directory environment.
This setting is configured through GPO:
Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Take ownership of files or other objects
Are you intending to implement this feature?
Not at the moment.
Current Behavior
This setting is not retrieved by SharpHound, causing BloodHound to miss this privilege.
Desired Behavior
The SeTakeOwnershipPrivilege should be displayed under Outbound Object Control.
Use Case
This feature would enhance visibility into user rights assignments configured via GPO, helping detect further misconfigurations.
Additional Information
I can provide more details from my testing environment.