HarmJ0y/cross_trust_dacls.ps1 Secret

## cross_trust_dacls.ps1
$Domain = "dev.testlab.local"
$DomainSid = Get-DomainSid $Domain
Get-DomainObjectAcl -Domain $Domain -ResolveGUIDs -LDAPFilter '(|(objectclass=groupPolicyContainer)(objectclass=group)(objectclass=user)(objectclass=domain))' | ? {
    ($_.AceType -match 'AccessAllowed') -and `
    ($_.SecurityIdentifier -match '^S-1-5-.*-[1-9]\d{3,}$') -and `
    ($_.SecurityIdentifier -notmatch $DomainSid) -and `
    ($_.ActiveDirectoryRights -match 'WriteProperty|GenericAll|GenericWrite|WriteDacl|WriteOwner')
} | % {
    $_ | Add-Member Noteproperty 'PrincipalDN' $(Convert-ADName $_.SecurityIdentifier -OutputType DN)
    $_
}
	$Domain = "dev.testlab.local"
	$DomainSid = Get-DomainSid $Domain
	Get-DomainObjectAcl -Domain $Domain -ResolveGUIDs -LDAPFilter '(\|(objectclass=groupPolicyContainer)(objectclass=group)(objectclass=user)(objectclass=domain))' \| ? {
	($_.AceType -match 'AccessAllowed') -and `
	($_.SecurityIdentifier -match '^S-1-5-.*-[1-9]\d{3,}$') -and `
	($_.SecurityIdentifier -notmatch $DomainSid) -and `
	($_.ActiveDirectoryRights -match 'WriteProperty\|GenericAll\|GenericWrite\|WriteDacl\|WriteOwner')
	} \| % {
	$_ \| Add-Member Noteproperty 'PrincipalDN' $(Convert-ADName $_.SecurityIdentifier -OutputType DN)
	$_
	}