Skip to content

Request: Post Module - enum_computers via LDAP/AD #896

Closed
Meatballs1 opened this Issue Oct 12, 2012 · 1 comment

2 participants

@Meatballs1

The current enum_computers post module currently uses 'net view' in a shell to recover computers which is pretty unreliable; it often wont return any results; and inconsitant; it doesn't return all domain computers.

As a windows domain member you can enumerate domain computers (and shared folders/printers/users/groups etc) with LDAP lookups in AD.

This is really handy for identifying specific server types etc:
c:\windows\system32\rundll32.exe dsquery.dll,OpenQueryWindow

I was wondering if it could be done via WinAPIs or some funky Powershell? Will try and implement this myself if I have some time!

@todb-r7
todb-r7 commented Nov 17, 2012

Tracking this as http://dev.metasploit.com/redmine/issues/7473 and set @Meatballs1 as a watcher.

@todb-r7 todb-r7 closed this Nov 17, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.