- 综合排序
- 最热优先
- 最新优先
- 来自专栏信安之路
刚入域环境下的域内信息收集
,PasswordLastSet,LastLogonDate,ServicePrincipalName,TrustedForDelegation,TrustedtoAuthForDelegation DistinguishedName TrustedForDelegation : False TrustedToAuthForDelegation : False UserPrincipalName : DistinguishedName TrustedForDelegation : False TrustedToAuthForDelegation : False UserPrincipalName : DistinguishedName TrustedForDelegation : False TrustedToAuthForDelegation : False UserPrincipalName : DistinguishedName PasswordLastSet,LastLogonDate,ServicePrincipalName,TrustedForDelegation,Truste dtoAuthForDelegation DistinguishedName
1.9K40发布于 2021-04-14 - 来自专栏网络安全攻防
Sodinokibi(aka REvil)勒索软件
Servers,CN=Builtin,DC=DomainName,DC=local", "ScopeOfSearch": "Base", "SearchFilter": "member=*" } "DistinguishedName Builders,CN=Builtin,DC=DomainName,DC=local", "ScopeOfSearch": "Base", "SearchFilter": "member=*" } "DistinguishedName Publishers,CN=Users,DC=DomainName,DC=local", "ScopeOfSearch": "Base", "SearchFilter": "member=*" } "DistinguishedName Servers,CN=Builtin,DC=DomainName,DC=local", "ScopeOfSearch": "Base", "SearchFilter": "member=*" } "DistinguishedName ": "CN=Infra,DC=DomainName,DC=local", "ScopeOfSearch": "Base", "SearchFilter": "member=*" } "DistinguishedName
1.7K10发布于 2021-07-21 - 来自专栏全栈程序员必看
Spring Boot集成AD域实现统一用户认证
public String mapFromAttributes(Attributes attr) throws NamingException { String distinguishedName = (String)attr.get("distinguishedName").get(); distinguishedName = StringUtils.substringBefore (distinguishedName,ldapBaseDn); return StringUtils.substringBeforeLast(distinguishedName User person = new User(); String distingugihedName = (String)attr.get("distinguishedName @Id private Name id; @DnAttribute(value = "distiguishedName") private String distinguishedName
3.9K30编辑于 2022-07-25 - 来自专栏网络安全攻防
【神兵利器】Adfind域内查询工具指南
Adfind.exe -b dc=hacke,dc=testlab -f "objectcategory=user" cn createTimeStamp 4、查找域中配置非约束委派的用户,过滤出cn和distinguishedName DC=testlab" -f "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName 5、查找域中配置非约束委派的主机,过滤出cn和distinguishedName属性 AdFind.exe -b "DC=hacke,DC=testlab" -f "(&(samAccountType =805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName 6、查询域中配置非约束委派的主机
64500编辑于 2025-01-20 - 来自专栏kayden
横向渗透方法小结
DCsync) Get-ObjectACL -DistinguishedName "dc=dev,dc=testlab,dc=local" -ResolveGUIDs | ? ,member | ForEach-Object { $GroupDomain = $_.distinguishedname.subString($_.distinguishedname.IndexOf userAccountControl:1.2.840.113556.1.4.803:=2)" -Properties distinguishedname Get-DomainUser -UACFilter NOT_ACCOUNTDISABLE -Properties distinguishedname # all disabled users Get-DomainUser -LDAPFilter "( {$_.objectsid -match '^S-1-5-.*-[1-9]\d{2,}$'} | Select-Object -ExpandProperty distinguishedname $Domains
2.7K10编辑于 2022-09-29 - 来自专栏python3
python+ldap实例
= Attrs['mail'][0] #distinguishedName = Attrs['name'][0] #distinguishedName = Attrs['displayName'][0] #distinguishedName = Attrs['mail'][0] #distinguishedName = Attrs['sAMAccountName'][0] #distinguishedName = Attrs['distinguishedName'][0] #distinguishedName = Attrs['title'][0] #distinguishedName = Attrs['department'][0] #distinguishedName = Attrs['manager'][0] print "Login Info for user : %s" % distinguishedName
2.1K10发布于 2020-01-06 - 来自专栏Gamma安全实验室
域内委派-原理以及应用
loacl" "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" |grep -iE "distinguishedName loacl" "(&(samAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" |grep -iE "distinguishedName ,DC=loacl" -f "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName ,DC=loacl" -f "(&(samAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName 这里就要用到一个工具kekeo 1.首先查询域内配置了约束性委派的服务账号 Get-DomainUser -TrustedToAuth -Properties distinguishedname,useraccountcontrol
2K50发布于 2021-03-10 - 来自专栏内网安全学习笔记
非约束委派攻击
vulntarget,DC=com" -f "(&(samAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName vulntarget,DC=com" -f "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName vulntarget,DC=com" -f "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName vulntarget,DC=com" -f "(&(samAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName
61920编辑于 2023-04-17 - 来自专栏SpringSpace.cn
Spring Boot 2.0 项目实现自同步AD域账号 顶
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); searchCtls.setReturningAttributes(new String[]{"name","sn","distinguishedName objectCategory=Person)(objectClass=user)(name=*))"; private static final String defaultGroupAtts[] = {"distinguishedName ", "name"}; private static final String defaultPersonAtts[] = {"distinguishedName", "memberOf", "
2.5K30发布于 2018-09-05 - 来自专栏用户9757876的专栏
糟了,域帐户不小心误删除了,怎么办?莫慌,教你快速恢复域帐户
鼠标右击需要还原的域账户,然后点“修改”,在弹出的对话框中,输入第一个属性:isDeleted,操作项点选“删除”,点击“输入”,这步操作表示将该账户的“已删除”的属性删除掉; 2、紧接着输入第二个属性:distinguishedName 笔者:“你漏输OU了,distinguishedName属性的值,你少输入了OU=,缺失对象,所以无法执行。” 网管:“汗......”
2.6K20编辑于 2022-05-18 - 来自专栏网络空间安全
内网渗透横向移动之委派攻击
g1ts,DC=com" -f "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName @#456 -b "DC=g1ts,DC=com" -f "(&(samAccountType=805306368)(msds-allowedtodelegateto=*))" cn distinguishedName =com" "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" |grep -iE "distinguishedName =com" "(&(samAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" |grep -iE "distinguishedName 查询约束委派机器 Get-DomainComputer -TrustedToAuth -Domain g1ts.com -Properties distinguishedname,useraccountcontrol
1.5K60发布于 2021-11-23 - 来自专栏LuckySec网络安全
域内信息查询工具AdFind
luckysec,DC=cn" -f "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName
2.8K30编辑于 2022-11-02 - 来自专栏HACK学习
干货 | 全网最详细的Kerberos协议及其漏洞
=org" "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" |grep -iE "distinguishedName =org" "(&(samAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" |grep -iE "distinguishedName \@\#45 -b "DC=0day,DC=org" "(&(samAccountType=805306368)(msds-allowedtodelegateto=*))" |grep -iE "distinguishedName \@\#45 -b "DC=0day,DC=org" "(&(samAccountType=805306369)(msds-allowedtodelegateto=*))" |grep -iE "distinguishedName AdFind.exe -b "DC=0day,DC=org" -f "(&(samAccountType=805306368)(msds-allowedtodelegateto=*))" cn distinguishedName
6.6K41发布于 2021-07-21 - 来自专栏云计算-私有云
仅允许特定用户组通过NetScaler访问虚拟桌面
2) 找到要配置的用户组,右键打开属性页面,在“属性编辑器”,复制“distinguishedName”的属性值 ? ?
1.6K30发布于 2020-06-03 - 来自专栏DotNet NB && CloudNative
.NET 10 登场:LTS 版本助力开发者解锁性能与功能新高度(第三部分)
对 X500DistinguishedName 更严格的验证: • 类型:行为变更 • 引入版本:预览版 1 • 现在对 X500DistinguishedName 的解析和验证遵循更严格的安全规则,可能会影响依赖更宽松验证的应用程序
40410编辑于 2025-06-16 - 来自专栏大内老A
[WCF权限控制]从两个重要的概念谈起:Identity与Principal[上篇]
X509Identity : GenericIdentity, IDisposable 2: { 3: //其他成员 4: public X509Identity(X500DistinguishedName x500DistinguishedName); 5: public X509Identity(X509Certificate2 certificate); 6: 7: 我们可以通过传入一个X509Certificate2对象或者以X500DistinguishedName对象表示的证书的标识名称来创建X509Identity。
951100发布于 2018-01-16 - 来自专栏红蓝对抗
什么是内网渗透委派攻击?
redteam,DC=club" -f "(&(samAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName redteam,DC=club" -f "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName AdFind.exe -b "DC=redteam,DC=club" -f "(&(samAccountType=805306368)(msds-allowedtodelegateto=*))" cn distinguishedName
52121编辑于 2024-07-24 - 来自专栏HACK学习
内网渗透|域内委派详解
hiro,DC=com" -f "(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName hiro,DC=com" -f "(&(samAccountType=805306369)(userAccountControl:1.2.840.113556.1.4.803:=524288))" cn distinguishedName 查找域中配置约束委派用户: AdFind.exe -b "DC=hiro,DC=com" -f "(&(samAccountType=805306368)(msds-allowedtodelegateto=*))" cn distinguishedName 查找域中配置约束委派的主机: AdFind.exe -b "DC=hiro,DC=com" -f "(&(samAccountType=805306369)(msds-allowedtodelegateto=*))" cn distinguishedName
3K40发布于 2021-08-13 - 来自专栏网络安全技术点滴分享
Windows Server 2025 Active Directory权限提升漏洞检测工具
PSCustomObject]@{ Identity = $rule.IdentityReference OU = $OU.DistinguishedName
24710编辑于 2025-09-04 - 来自专栏运维开发王义杰
使用PowerShell管理和修改Windows域密码策略
DistinguishedName: 这是密码策略的Distinguished Name(DN),这是在LDAP目录中唯一标识条目的字符串。
2.7K30编辑于 2023-08-10
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号