Windows Gather Enumerate Domain Tokens
This module will enumerate tokens present on a system that are part of the domain the target host is part of, will also enumerate users in the local Administrators, Users and Backup Operator groups to identify Domain members. Processes will be also enumerated and checked if they are running under a Domain account, on all checks the accounts, processes and tokens will be checked if they are part of the Domain Admin group of the domain the machine is a member of.
Rank
- Normal
Authors
- Carlos Perez < carlos_perez [at] darkoperator.com >
Development
Similar Modules
- post/windows/gather/arp_scanner
- post/windows/gather/bitcoin_jacker
- post/windows/gather/cachedump
- post/windows/gather/checkvm
- post/windows/gather/credentials/coreftp
- post/windows/gather/credentials/credential_collector
- post/windows/gather/credentials/dyndns
- post/windows/gather/credentials/enum_cred_store
- post/windows/gather/credentials/enum_picasa_pwds
- post/windows/gather/credentials/epo_sql
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use post/windows/gather/enum_domain_tokens
msf post(enum_domain_tokens) > set SESSION [INTEGER]
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use post/windows/gather/enum_domain_tokens
msf post(enum_domain_tokens) > set SESSION [INTEGER]
Module Options
| SESSION | The session to run this module on. |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |