Gh0st
/
PowerSploit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update PowerView.ps1 

Fixed null access control entry in results.
This commit is contained in:
Itamar 2017-05-07 11:21:56 +03:00 committed by GitHub
parent 2501e8e912
commit 6a71a6e526
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Recon/PowerView.ps1
View File

@ -18814,13 +18814,15 @@ function Get-GPODelegation
$Searcher.SearchScope = "Subtree" $Searcher.SearchScope = "Subtree"
$listGPO = $Searcher.FindAll() $listGPO = $Searcher.FindAll()
foreach ($gpo in $listGPO){ foreach ($gpo in $listGPO){
$ACL = (([ADSI]$gpo.path).ObjectSecurity).Access | ? {$_.ActiveDirectoryRights -match "Write" -and $_.AccessControlType -eq "Allow" -and $Exclusions -notcontains $_.IdentityReference.toString().split("\")[1] -and $_.IdentityReference -ne "CREATOR OWNER"} $ACL = ([ADSI]$gpo.path).ObjectSecurity.Access | ? {$_.ActiveDirectoryRights -match "Write" -and $_.AccessControlType -eq "Allow" -and $Exclusions -notcontains $_.IdentityReference.toString().split("\")[1] -and $_.IdentityReference -ne "CREATOR OWNER"}
$GpoACL = New-Object psobject if ($ACL -ne $null){
$GpoACL | Add-Member Noteproperty 'ADSPath' $gpo.Properties.adspath $GpoACL = New-Object psobject
$GpoACL | Add-Member Noteproperty 'GPODisplayName' $gpo.Properties.displayname $GpoACL | Add-Member Noteproperty 'ADSPath' $gpo.Properties.adspath
$GpoACL | Add-Member Noteproperty 'IdentityReference' $ACL.IdentityReference $GpoACL | Add-Member Noteproperty 'GPODisplayName' $gpo.Properties.displayname
$GpoACL | Add-Member Noteproperty 'ActiveDirectoryRights' $ACL.ActiveDirectoryRights $GpoACL | Add-Member Noteproperty 'IdentityReference' $ACL.IdentityReference
$GpoACL $GpoACL | Add-Member Noteproperty 'ActiveDirectoryRights' $ACL.ActiveDirectoryRights
$GpoACL
}
} }
} }
} }