tags: AD_Enumerazione_Utenti Active_Directory Windows_Privilage_Escalations
Per enumerare gli utenti di un Active Directory ed eventuali password possiamo usare il seguente comando:
Get-ADUser -Filter * -Properties * | select Name,SamAccountName,Description
Get-ADUser -Filter * -Properties * | select Name,SamAccountName,Description
Name SamAccountName Description
---- -------------- -----------
Administrator Administrator Built-in account for administering the computer/domain
Guest Guest Built-in account for guest access to the computer/domain
krbtgt krbtgt Key Distribution Center Service Account
THM User thm
THM Victim victim Change the password: Passw0rd!@#
thm-local thm-local
Admin THM admin
svc-thm svc-thm
THM Admin BK bk-admin
test test-user
sshd sshd