Get-DomainGPO - fixed enumerations of 'enforced' GPOs, and

bug fix for nested OUs with similar starting names.
HarmJ0y 2017-04-28 00:56:52 -04:00
parent 27747f982c
commit 095988269b
1 changed files with 20 additions and 5 deletions


@ -11164,7 +11164,7 @@ The raw DirectoryServices.SearchResult object, if -Raw is enabled.
$ObjectOUs = @() $ObjectOUs = @()
$ObjectOUs += $ObjectDN.split(',') | ForEach-Object { $ObjectOUs += $ObjectDN.split(',') | ForEach-Object {
if($_.startswith('OU=')) { if($_.startswith('OU=')) {
$ObjectDN.SubString($ObjectDN.IndexOf($_)) $ObjectDN.SubString($ObjectDN.IndexOf("$($_),"))
} }
} }
Write-Verbose "[Get-DomainGPO] object OUs: $ObjectOUs" Write-Verbose "[Get-DomainGPO] object OUs: $ObjectOUs"
@ -11174,13 +11174,28 @@ The raw DirectoryServices.SearchResult object, if -Raw is enabled.
$SearcherArguments.Remove('Properties') $SearcherArguments.Remove('Properties')
$InheritanceDisabled = $False $InheritanceDisabled = $False
ForEach($ObjectOU in $ObjectOUs) { ForEach($ObjectOU in $ObjectOUs) {
if ($InheritanceDisabled) { break }
$SearcherArguments['Identity'] = $ObjectOU $SearcherArguments['Identity'] = $ObjectOU
$GPOAdsPaths += Get-DomainOU @SearcherArguments | ForEach-Object { $GPOAdsPaths += Get-DomainOU @SearcherArguments | ForEach-Object {
# extract any GPO links for this particular OU the computer is a part of # extract any GPO links for this particular OU the computer is a part of
if ($_.gplink) {
$_.gplink.split('][') | ForEach-Object { $_.gplink.split('][') | ForEach-Object {
if ($_.startswith('LDAP')) { if ($_.startswith('LDAP')) {
$_.split(';')[0] $Parts = $_.split(';')
$GpoDN = $Parts[0]
$Enforced = $Parts[1]
if ($InheritanceDisabled) {
# if inheritance has already been disabled and this GPO is set as "enforced"
# then add it, otherwise ignore it
if ($Enforced -eq 2) {
$GpoDN
}
}
else {
# inheritance not marked as disabled yet
$GpoDN
}
}
} }
} }