Hacking en Active Directory - [CPAD-100]
Comprar cursoYouTubeTwitterLinkedIn
  • La Biblia del Hacking en ACTIVE DIRECTORY
    • ADVERTENCIA
    • Conoce a tu academia
    • Conoce a tu instructor
    • Aprende con nuestro curso
      • ¿Que Significa CPAD-100?
  • Introducción a Directorio Activo – (AD)
    • Fundamentos de AD
    • Componentes importantes de un Active Directory
    • Principales conceptos de un Directorio Activo
      • Diferencias entre GPO y ACL
    • ¿Por qué los atacantes van tras los controladores de dominio?
      • Ransomware en AD
    • Introduccion a Kerberos
      • Capa de transporte
      • Agentes
      • Claves de cifrado
      • Tickets
      • Privilege Attribute Certificate (PAC)
      • Mensajes
    • Proceso de autenticación en Kerberos
      • Kerberos Explicado con Parques y Atracciones
    • ¿Como funciona Kerberos?
    • S4U (Service for User)
    • Usuarios y grupo por defectos en AD
    • Biblia de comandos para el CPAD
  • Fundamentos Ofensivos
    • Introduccion al Curso Profesional de Pentesting para Juniors - [CPPJ]
    • ¿Qué es un Red Team?
      • Assume breach
    • ¿Qué es un Pentesting?
    • Instalacion de Kali Linux
      • Utilizando IP publica para auditorias reales
    • Transferencias de archivos
    • Cyber Kill Chain
    • MITRE
      • Ejemplo teorico
  • Enumeracion Externa
    • Credenciales expuestas
    • La importancia de la enumeracion en un red team
    • Reconocimiento y Recopilacion
    • Activos de informacion publicos
      • DNS records
      • Redes sociales
  • Vectores de ataque fisico
    • Physical Red Team Operations
    • Que es la intrusion fisica
      • Vectores de ataque
    • Rubber Ducky
    • Stuxnet
    • Introduccion a Flipper Zero
      • BadUSB
  • Introduccion Al Hacking Web
    • Tu primer Red Team contra Active Directory
      • Objetivos
      • CyberKillChain en CPAD
    • La importancia del hacking web en un red team contra AD
    • Curso gratuito con los labs de PortSwigger
    • Enumeracion sobre un servidor web desplegado en IIS
    • Inyeccion de comandos desde un formulario web
  • Post-explotacion en windows
    • Fundamentos de la Enumeracion local en un Windows
    • Enumeracion basica desde una WebShell
    • Fundamentos de escalacion de privilegios en Windows
      • ¿Que son altos privilegios en windows?
      • ¿Que son bajos privilegios en windows?
      • Identificando mis privilegios actuales
      • Tokens de acceso en Windows
      • Niveles de integridad en procesos de Windows
    • Privilegios en Windows
    • Abusando de los privilegios SeImpersonatePrivilege SeAssignPrimaryTokenPrivilege
    • Introduccion al Curso Profesional de Pentesting contra Windows - [CPPW]
    • NT AUTHORITY\SYSTEM
    • Reverse Shell en PowerShell Indetectable
      • Introduccion al Curso RedTeam Ops Developer Senior
    • Migracion de WebShell a BurpSuite
    • Migracion de WebShell a Reverse Shell via PowerShell
    • Diferencia entre una WebShell y Reverse Shell
    • Introducción a PowerUp
    • Introducción a WinPEAS
  • Persistencia en Windows Local
    • Introduccion a la post-explotación y persistencia en Windows
    • Creacion de usuarios con net
    • Qué es Mimikatz
      • LSASS
      • Extraccion de credenciales con Mimikatz con binario
      • Extraccion de credenciales con Mimikatz con PowerShell
      • Resolucion de errores con Mimikatz
      • Mimikatz en la actualidad
  • Enumeracion en AD
    • Identificando un Domain Controller (DC) en red
    • ActiveDirectoryRights en el Contexto de Red Team
    • Enumeracion manual con GUI
    • Enumeracion con PowerShell ofensivo
      • Guia de comandos de PowerView.ps1
        • Enumeracion de usuarios
        • Enumeracion de Grupos
        • Enumeracion de Computadores
        • Enumeracion de GPO
        • Enumeracion de ACL
      • Utilizando ADPeas
    • Enumeracion con AD Module DLL
    • Enumeracion con BloodHound
    • Enumeracion con klist
    • Security Identifiers (SIDs)
    • Distinguished Name o DN
  • Vulnerabilidades y ataques en AD
    • Fundamentos de vulnerabilidades en AD
    • Password Spraying
      • La importancia de generar contraseñas personalizadas
      • Kerbrute
    • Relay Attacks
      • ¿Que es NTLM?
      • Utilizando impacket-ntlmrelayx
        • Análisis de impacket-ntlmrelayx
    • Credenciales en descripcion
      • Utilizando CrackMapExec
      • Utilizando BloodHound
    • Kerberoasting
      • Utilizando BloodHound
      • Utilizando Rubeus
      • Utilizando Impacket-GetUserSPNs
      • Utilizando CrackMapExec
      • Utilizando PowerView
    • ASREProastable
      • Utilizando Rubeus
      • Utilizando CrackMapExec
      • Utilizando Impacket-GetNPUsers
      • CVE-2022-33679
    • Unconstrained Delegation
      • TrustedToAuthForDelegation vs TrustedForDelegation
    • Constrained Delegation
      • Usuario
      • Computadora
        • Utilizando Rubeus
    • DnsAdmins
      • Utilizando PowerView.ps1
      • Utilizando NET
      • Cargando una dll maliciosa con dnscmd
      • Generando una DLL maliciosa
    • LAPS Reader
    • (RBCD) Resource-based constrained
    • Abuso de ACL
      • Enumeracion con PowerView
      • Tipos de permisos
        • Tabla de Referencia de Permisos y Derechos en Active Directory
      • Access Control Entry (ACE)
      • WriteDacl sobre Computador
      • GenericAll sobre Grupo
      • GenericAll sobre usuario
      • GenericWrite sobre computador
    • Abuso de GPO
      • ¿Qué es SysVol?
      • Utilizando PowerView
      • Solicitando TGT para el usuario gpowrite.user
      • Utilizando SharpGPOAbuse
      • Forzando la actualizacion de GPO
    • Zerologon - CVE-2020-1472
  • Movimiento lateral
    • Fundamentos de movimiento lateral en AD
    • Impersonation
    • Pass-the-Hash (PtH)
      • Identificando servicios para realizar el PTH
      • Utilizando Evil-WinRm
      • Utilizando impacket-psexec
      • Utilizando RDP
  • Persistencia y post-explotacion en AD
    • Fundamentos de persistencia y la post-explotación en AD
    • DCSync
      • Extracción de Credenciales del Dominio de Active Directory
      • Utilizando CrackMapExec
      • Utilizando Mimikatz
      • Utilizando Impacket-secretsdump
    • Creacion de usuarios en el dominio con net
    • Silver Ticket
      • Service Principal Name (SPN)
      • Silver Ticket para CIFS
    • Golden Ticket
      • Diferencias entre Silver Ticket y Golden Ticket
      • ¿Que es KRBTGT?
      • Variantes del Golden Ticket
        • Golden Ticket tradicional utilizando Mimikatz
        • Golden Ticket Inter-realm TGT
    • Pass The Ticket
      • PTT en Linux
      • PTT en Windows
    • Diamond Ticket
    • Bosques y relaciones de confianza
      • TrustAttributes y TrustType
      • Enumeracion utilizando ADPeas.ps1
      • Enumeracion utilizando nltest
      • Enumeracion utilizando .NET Framework
      • Enumeracion utilizando con PowerView
      • Enumerando con SharpHound
  • Introduccion a la evasion de defensas
    • Fundamentos de evasión de defensas
    • Introduccion a UAC
      • Bypass UAC utilizando FodhelperUACBypass.ps1
      • Bypass utilizando Kerberos y SMBExec
    • Evasión de antivirus
      • Utilizando HoaxShell
    • Introduccion a LOLBAS
    • AMSI para Hackers
    • Utilizando IP publicas y dominios confiables para el almacenamiento de herramientas
    • Codificando tus comandos de PowerShell en base64
      • Transferencia de archivos con base64
    • Política de ejecución de PowerShell
    • Introduccion a Sysinternals
    • Introduccion a AppLocker
    • Apagando defensas basicas
  • Introduccion a ataques modernos en AD
    • Fundamentos de Azure Active Directory
    • DCSync utilizando MSOL
    • Introduccion al Curso de Pentesting Contra Azure - [CPAZ]
  • Introduccion al Blue Team en Active Directory
    • Blue Team y SOC
    • Introduccion al Curso Profesional de Blue Team - [CPBLT]
    • Introduccion a Sysmon
      • Deteccion de comportamiento anomalo con ElasticSearch
  • Muchas Gracias
    • 🛡️ ¡Muchísimas Gracias por Participar! 🛡️
    • Importante
Con tecnología de GitBook
En esta página
  • Importancia:
  • Vulnerabilidades posibles:

¿Te fue útil?

  1. Enumeracion en AD
  2. Enumeracion con PowerShell ofensivo
  3. Guia de comandos de PowerView.ps1

Enumeracion de ACL

Importancia:

Las ACLs determinan quién puede hacer qué en sistemas y recursos específicos.

Vulnerabilidades posibles:

  • ACLs mal configuradas que otorgan acceso excesivo a recursos críticos.

  • Permisos heredados que no deberían aplicarse a ciertos recursos.

  • Posibilidades de escalada de privilegios debido a permisos inapropiados.

PS C:\windows\system32\inetsrv> Find-InterestingDomainAcl -ResolveGUIDs
ObjectDN                : CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName   : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=User,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC
                          =corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName   : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=Machine,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec
                          ,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName   : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=c.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=e.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=f.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=g.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=i.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=j.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=k.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : All
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName   : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass  : computer

ObjectDN                : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : All
AceFlags                : Inherited
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName   : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass  : computer

ObjectDN                : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : All
AceFlags                : Inherited
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName   : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass  : computer

ObjectDN                : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=constrained.user,CN=Users,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1117
IdentityReferenceName   : userwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1118
IdentityReferenceName   : userall.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=userall.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : User-Logon
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : Description
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : Display-Name
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : SAM-Account-Name
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : User-Account-Restrictions
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : ExtendedRight, GenericRead
ObjectAceType           : None
AceFlags                : None
AceType                 : AccessAllowed
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

AnteriorEnumeracion de GPOSiguienteUtilizando ADPeas

Última actualización hace 1 año

¿Te fue útil?