Skip to content
/ finding_windows_privileges Public

Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compromise if not evaluated. Privileges can override permission causing a gap of perceived effective permission.

License

MIT license
10 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lordsaibat/finding_windows_privileges

BranchesTags

Repository files navigation

finding_windows_privileges

Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compromise if not evaluated. Privileges can override permission causing a gap of perceived effective permission.

Based on code from Tony Pombo https://gallery.technet.microsoft.com/scriptcenter/Grant-Revoke-Query-user-26e259b0

To search for users with Bad Privileges on the localhost

PS> Find-BadPrivilege

Accounts with Bad Privileges on localhost

Accounts with SeCreateTokenPrivilege

CN=TestCN,OU=TestOU,DC=DC,DC=lab

........................

To seach for users with Bad Privileges on all the computers in the domain

PS> Find-BadPrivilegeDomain

Accounts with Bad Privileges on DC1

Accounts with SeCreateTokenPrivilege

CN=TestCN,OU=TestOU,DC=DC,DC=lab

........................

Learn more about the script and how this script filled a gap in privileges at: http://www.sans.org/reading-room/whitepapers/sysadmin/effectiveness-tools-detecting-039-maleficent-seven-039-privileges-windows-environment-38220

About

Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compromise if not evaluated. Privileges can override permission causing a gap of perceived effective permission.

Resources

Readme

License

MIT license
Activity

Stars

10 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages