List vulnerable ACL.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Rehtea from gravatar.com Rehtea

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT
  • Author: Aether
  • Tags abuseACL, ActiveDirectory, AD
  • Requires: Python <4, >=3.6
Classifiers

Project description

A python script to automatically list vulnerable Windows ACEs/ACLs.
PyPI GitHub release (latest by date)

Installation

You can install it from pypi (latest version is PyPI) with this command:

sudo python3 -m pip install abuseACL

OR from source :

git clone https://github.com/AetherBlack/abuseACL
cd abuseACL
sudo python3 -m pip install -r requirements.txt
sudo python3 setup.py install

OR with pipx :

python3 -m pipx install git+https://github.com/AetherBlack/abuseACL/

Examples

  • You want to list vulnerable ACEs/ACLs for the current user :
abuseACL $DOMAIN/$USER:"$PASSWORD"@$TARGET

  • You want to list vulnerable ACEs/ACLs for another user/computer/group :
abuseACL -principal Aether $DOMAIN/$USER:"$PASSWORD"@$TARGET

  • You want to list vulnerable ACEs/ACLs for a list of users/computers/groups :
abuseACL -principalsfile accounts.txt $DOMAIN/$USER:"$PASSWORD"@$TARGET

Here is an example of principalsfile content:

Administrateur
Group
aether
Machine$

  • You want to list vulnerable ACEs/ACLs on Schema or on adminSDHolder :
abuseACL -extends $DOMAIN/$USER:"$PASSWORD"@$TARGET

You can look in the documentation of DACL to find out how to exploit the rights and use dacledit to exploit the ACEs.

How it works

The tool will connect to the DC's LDAP to list users/groups/computers/OU/certificate templates and their nTSecurityDescriptor, which will be parsed to check for vulnerable rights.

Credits

License

GNU General Public License v3.0

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Rehtea from gravatar.com Rehtea

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT
  • Author: Aether
  • Tags abuseACL, ActiveDirectory, AD
  • Requires: Python <4, >=3.6
Classifiers

Release history Release notifications | RSS feed

This version

1.1.5

1.1.4

1.1.3

1.1.2

1.1.1

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

abuseacl-1.1.5.tar.gz (26.9 kB view details)

Uploaded Source

Built Distribution

abuseACL-1.1.5-py3-none-any.whl (32.0 kB view details)

Uploaded Python 3

File details

Details for the file abuseacl-1.1.5.tar.gz.

File metadata

  • Download URL: abuseacl-1.1.5.tar.gz
  • Upload date:
  • Size: 26.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.5

File hashes

Hashes for abuseacl-1.1.5.tar.gz
Algorithm Hash digest
SHA256 bc08c1e9673d06866d8debc9da56c0ac41bf6b4ea14ab2d64cacd78d47d88c15
MD5 0db90cacd2707d9c22fd0a6152cb2192
BLAKE2b-256 35def53862309f374bcad69e994b02d521b5ff4aeb916de2127bf170e0909b05

See more details on using hashes here.

File details

Details for the file abuseACL-1.1.5-py3-none-any.whl.

File metadata

  • Download URL: abuseACL-1.1.5-py3-none-any.whl
  • Upload date:
  • Size: 32.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.5

File hashes

Hashes for abuseACL-1.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 8c21635cb8b26136811056a5390b66c4e968154f3150a8e80074828d7502dbad
MD5 9ae18181861e22ddb1b15deef51227e0
BLAKE2b-256 c587fa7b618d756c18caf3966cacf001107eb7d071010541dfd05b49c692a5e5

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page