{"id":205,"date":"2014-01-16T10:57:25","date_gmt":"2014-01-16T10:57:25","guid":{"rendered":"http:\/\/www.hackwhackandsmack.com\/?p=205"},"modified":"2014-01-16T11:07:10","modified_gmt":"2014-01-16T11:07:10","slug":"smart-lsa-secrets-module","status":"publish","type":"post","link":"https:\/\/www.hackwhackandsmack.com\/?p=205","title":{"rendered":"Smart LSA Secrets Module"},"content":{"rendered":"<p>I decided to take two modules and crash them together to add some automation to some tasks that I seem to pick up often. I took the LSA Secrets module and the Domain Group Enum module and combined them to be one module. I then added some addition comparison functions to inform me if any of the service accounts being used are part of the &#8220;Domain Admins&#8221; group. I have hard coded the domain admins group rather than leave this as a variable, this can be easily changed but I wanted it just to work while using run commands from a meterpreter session or while using Dark Operators macro script to run over multiple sessions.<\/p>\n<p>The code can be found here:\u00a0<a href=\"http:\/\/www.hackwhackandsmack.com\/wp-content\/uploads\/2014\/01\/lsa_enum_DA1.txt\">lsa_enum_DA.rb<\/a><a href=\"http:\/\/www.hackwhackandsmack.com\/wp-content\/uploads\/2014\/01\/lsa_enum_DA-demo.png\"><br \/>\n<\/a><\/p>\n<p>The following shows the module running against a server with 3 service accounts one local admin and 2 domain admins, firstly the domain admins are reported for the domain, then on each service account a line informs the user if the account is a domain admin or not.<\/p>\n<p><a href=\"http:\/\/www.hackwhackandsmack.com\/wp-content\/uploads\/2014\/01\/lsa_enum_DA-demo.png\"><br \/>\n<img decoding=\"async\" loading=\"lazy\" title=\"lsa_enum_DA-demo\" src=\"http:\/\/www.hackwhackandsmack.com\/wp-content\/uploads\/2014\/01\/lsa_enum_DA-demo.png\" alt=\"\" width=\"1152\" height=\"648\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>I decided to take two modules and crash them together to add some automation to some tasks that I seem to pick up often. I took the LSA Secrets module and the Domain Group Enum module and combined them to be one module. I then added some addition comparison functions to inform me if any&hellip; <a class=\"more-link\" href=\"https:\/\/www.hackwhackandsmack.com\/?p=205\">Continue reading <span class=\"screen-reader-text\">Smart LSA Secrets Module<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=\/wp\/v2\/posts\/205"}],"collection":[{"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=205"}],"version-history":[{"count":6,"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=\/wp\/v2\/posts\/205\/revisions"}],"predecessor-version":[{"id":212,"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=\/wp\/v2\/posts\/205\/revisions\/212"}],"wp:attachment":[{"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hackwhackandsmack.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}