Here is a simple powershell script to list the service principal names
among user accounts in a Windows domain. Understanding why the SPNs
exist and how they could be abused is important. $info = Get-ADUser -Filter * -Properties ServicePrincipalNames ForEach ($user in $info) { $samAccountName = $user.SamAccountName If ($user.ServicePrincipalNames -ne $null) { ForEach ($spn in $user.ServicePrincipalNames) { "$($samAccountName) $spn" } } }
Monday, May 11, 2020
List of Service Principal Names (SPNs) amongst AD Users
Subscribe to:
Post Comments (Atom)
-
Here is a quick walk through of GetBoo. The first item that I found was you can harvest the usernames of the existing users that are regist... -
As I was glancing through the logs of my honeypots I spent some time to look at the following logs. In the past I have just overlooked them... -
I ran a Nikto scan and found the following vulnerability in the report that it produces: "OSVDB-637: Enumeration of users is possible...
-
I thought I would work through a few of these web applications provided by OWASP on their broken web applications VM. The first one I th... -
In the honeypot I found over 276 requests for cgi files that could be accessed to leverage the shellshock vulnerability documented as CVE-20...
No comments:
Post a Comment