This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
#This script was modified from the one created by Nolirium to create the new image file but not include the extra utilities | |
#https://nolirium.blogspot.com/2016/12/android-on-chrome-os-rooting-shell.html | |
# Main functions: | |
check_if_root() { | |
if [ $(id -u) != 0 ]; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#//////Functions | |
FUNCTION Get-AdminGroupMembers($Group, $DomainName){ | |
$Mems = Get-ADGroupMember -Identity $Group -Server $DomainName -Recursive | |
Foreach ($mem in $Mems){ | |
if ($mem.objectClass -eq "user"){ | |
$adobj = $mem | Get-ADUser -Properties AllowReversiblePasswordEncryption,DoesNotRequirePreAuth,mail,MemberOf,PasswordNotRequired,SamAccountName,ServicePrincipalNames,canonicalName | |
$act = ($adobj.canonicalName.split("."))[0] + "\" + $adobj.SamAccountName | |
} elseif ($mem.objectClass -eq "computer"){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#//////Functions | |
Function Get-OUacl ($ACLlist){ | |
$MyOUAclArray = New-Object System.Collections.ArrayList | |
Foreach ($ACL in $ACLlist){ | |
$ACLobjectType = if($ACL.ObjectType -eq '00000000-0000-0000-0000-000000000000'){ | |
"All" | |
}ELSE{ | |
$RawGUID = ([guid]$ACL.ObjectType).ToByteArray() | |
(Get-ADObject -Searchbase (Get-ADRootDSE).schemaNamingContext -Filter {schemaIDGUID -eq $RawGuid}).Name |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Requires -RunAsAdministrator | |
#search for accounts that have the sync SPN that aren't a Domain Controller | |
$shadowcomps = Get-ADObject -LDAPFilter '(&(ServicePrincipalName=E3514235-4B06-11D1-AB04-00C04FC2DCD2/*)(!(userAccountControl:1.2.840.113556.1.4.803:=8192)))' -Properties ServicePrincipalName | |
foreach ($scomp in $shadowcomps){ | |
$sSpns = $scomp.ServicePrincipalName | where {$_ -like "E3514235-4B06-11D1-AB04-00C04FC2DCD2/*"} | |
foreach ($sSpn in $sSpns){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.SYNOPSIS | |
FindOuPermissions is a Windows PowerShell script that finds all of the different OUs in a domain, | |
determins the permissions assigned to different users and groups, and reports back which are different | |
from their parent; including what those permissions are. | |
This script does require that the device be joined to the domain being queried and RSAT is installed. | |
Author: Eric Kuehn |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$MysIDArray = New-Object System.Collections.ArrayList | |
FUNCTION Invoke-FindOuPermissions{ | |
<# | |
.SYNOPSIS | |
Invoke-FindOuPermissions is a Windows PowerShell script that finds all of the different OUs in a domain, determins the permissions assigned to different users and groups, and reports back which are different from their parent; including what those permissions are.This script does require the Active Directory Modules. | |
Author: Eric Kuehn | |
.DESCRIPTION | |
This script is designed to help during the Mapping phase of a penetration test. It does require a valid set of credentials from the Active Directory Domain being searched. Once it connects, it goes through the following process: |