Vulnerable-AD - Create A Vulnerable Active Directory That'S Allowing You To Test Most Of Active Directory Attacks In Local Lab

2020-08-28T21:30:00

Description

[![](https://1.bp.blogspot.com/-LXoeoTubbWA/XzoR6hDmnBI/AAAAAAAATjg/sFtSIB3fx4obkEensjJrrRuDLfGCuo29gCNcBGAsYHQ/s640/Active-Directory.jpg)](<https://1.bp.blogspot.com/-LXoeoTubbWA/XzoR6hDmnBI/AAAAAAAATjg/sFtSIB3fx4obkEensjJrrRuDLfGCuo29gCNcBGAsYHQ/s1600/Active-Directory.jpg>) Create a [vulnerable](<https://www.kitploit.com/search/label/Vulnerable> "vulnerable" ) active directory that's allowing you to test most of active directory attacks in local lab. **Main Features** * Randomize Attacks * Full Coverage of the mentioned attacks * you need run the script in DC with [Active Directory](<https://www.kitploit.com/search/label/Active%20Directory> "Active Directory" ) installed * Some of attacks require client workstation **Supported Attacks** * Abusing ACLs/ACEs * Kerberoasting * AS-REP Roasting * Abuse DnsAdmins * Password in AD User comment * Password Spraying * DCSync * Silver Ticket * Golden Ticket * Pass-the-Hash * Pass-the-Ticket * SMB Signing Disabled **Example** # if you didn't install Active Directory yet , you can try Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "C:\\Windows\\NTDS" -DomainMode "7" -DomainName "cs.org" -DomainNetbiosName "cs" -ForestMode "7" -InstallDns:$true -LogPath "C:\\Windows\\NTDS" -NoRebootOnCompletion:$false -SysvolPath "C:\\Windows\\SYSVOL" -Force:$true # if you already installed Active Directory, just run the script ! IEX((new-object net.webclient).downloadstring("https://raw.githubusercontent.com/wazehell/vulnerable-AD/master/vulnad.ps1")); Invoke-VulnAD -UsersLimit 100 -DomainName "cs.org" **TODO** * Add More realistic scenarios * Click close issue button on github **[Download vulnerable-AD](<https://github.com/WazeHell/vulnerable-AD> "Download vulnerable-AD" )**

{"id": "KITPLOIT:7888744854158471708", "vendorId": null, "type": "kitploit", "bulletinFamily": "tools", "title": "Vulnerable-AD - Create A Vulnerable Active Directory That'S Allowing You To Test Most Of Active Directory Attacks In Local Lab", "description": "[![](https://1.bp.blogspot.com/-LXoeoTubbWA/XzoR6hDmnBI/AAAAAAAATjg/sFtSIB3fx4obkEensjJrrRuDLfGCuo29gCNcBGAsYHQ/s640/Active-Directory.jpg)](<https://1.bp.blogspot.com/-LXoeoTubbWA/XzoR6hDmnBI/AAAAAAAATjg/sFtSIB3fx4obkEensjJrrRuDLfGCuo29gCNcBGAsYHQ/s1600/Active-Directory.jpg>)\n\n \nCreate a [vulnerable](<https://www.kitploit.com/search/label/Vulnerable> \"vulnerable\" ) active directory that's allowing you to test most of active directory attacks in local lab. \n \n**Main Features** \n\n\n * Randomize Attacks\n * Full Coverage of the mentioned attacks\n * you need run the script in DC with [Active Directory](<https://www.kitploit.com/search/label/Active%20Directory> \"Active Directory\" ) installed\n * Some of attacks require client workstation\n \n**Supported Attacks** \n\n\n * Abusing ACLs/ACEs\n * Kerberoasting\n * AS-REP Roasting\n * Abuse DnsAdmins\n * Password in AD User comment\n * Password Spraying\n * DCSync\n * Silver Ticket\n * Golden Ticket\n * Pass-the-Hash\n * Pass-the-Ticket\n * SMB Signing Disabled\n \n**Example** \n\n \n \n # if you didn't install Active Directory yet , you can try \n Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath \"C:\\\\Windows\\\\NTDS\" -DomainMode \"7\" -DomainName \"cs.org\" -DomainNetbiosName \"cs\" -ForestMode \"7\" -InstallDns:$true -LogPath \"C:\\\\Windows\\\\NTDS\" -NoRebootOnCompletion:$false -SysvolPath \"C:\\\\Windows\\\\SYSVOL\" -Force:$true\n # if you already installed Active Directory, just run the script !\n IEX((new-object net.webclient).downloadstring(\"https://raw.githubusercontent.com/wazehell/vulnerable-AD/master/vulnad.ps1\"));\n Invoke-VulnAD -UsersLimit 100 -DomainName \"cs.org\"\n\n \n**TODO** \n\n\n * Add More realistic scenarios\n * Click close issue button on github\n \n \n\n\n**[Download vulnerable-AD](<https://github.com/WazeHell/vulnerable-AD> \"Download vulnerable-AD\" )**\n", "published": "2020-08-28T21:30:00", "modified": "2020-08-28T21:30:01", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "http://www.kitploit.com/2020/08/vulnerable-ad-create-vulnerable-active.html", "reporter": "KitPloit", "references": ["https://github.com/WazeHell/vulnerable-AD"], "cvelist": [], "immutableFields": [], "lastseen": "2022-04-07T12:02:40", "viewCount": 87, "enchantments": {"dependencies": {}, "score": {"value": 0.4, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.4}, "_state": {"dependencies": 1659880087, "score": 1659830837}, "_internal": {"score_hash": "4116f5559609200adc4c332e22409afa"}, "toolHref": "https://github.com/WazeHell/vulnerable-AD"}