Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
2021-07-07 01:16:57 Author: www.darknet.org.uk(查看原文) 阅读量:137 收藏

Last updated: July 7, 2021 | 16 views


Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths.

Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory

It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the most efficient ACL based privilege escalation path.

Features of Aclpwn.Py Exploit ACL Based Privilege Escalation Paths in Active Directory

Aclpwn.Py currently has the following features:

  • Direct integration with BloodHound and the Neo4j graph database (fast pathfinding)
  • Supports any reversible ACL based attack chain (no support for resetting user passwords right now)
  • Advanced pathfinding (Dijkstra) to find the most efficient paths
  • Support for exploitation with NTLM hashes (pass-the-hash)
  • Saves restore state, easy rollback of changes
  • Can be run via a SOCKS tunnel
  • Written in Python (2.7 and 3.5+), so OS independent

Installation of Aclpwn.py ACL Based Privilege Escalation

Aclpwn.py is compatible with both Python 2.7 and 3.5+. It requires the neo4j-driver, impacket and ldap3 libraries. You can install aclpwn.py via pip: pip install aclpwn. For Python 3, you will need the python36 branch of impacket since the master branch (and versions published on PyPI) are Python 2 only at this point.

This tool does not exploit any vulnerabilities, but relies on misconfigured (often because of delegated privileges) or insecure default ACLs. To solve these issues, it is important to identify potentially dangerous ACLs in your Active Directory environment with BloodHound. For detection, Windows Event Logs can be used.

You can download Aclpwn.py here:

aclpwn.py-master.zip

Or read more here.

Posted in: Hacking Tools

Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.

July 7, 2021 - 0 Shares

Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.

May 27, 2021 - 66 Shares

LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.

May 7, 2021 - 78 Shares

Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.

April 19, 2021 - 190 Shares

APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.

March 5, 2021 - 217 Shares

GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc

February 3, 2021 - 145 Shares



文章来源: https://www.darknet.org.uk/2021/07/aclpwn-py-exploit-acl-based-privilege-escalation-paths-in-active-directory/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed
如有侵权请联系:admin#unsafe.sh