cyberark / aclight Goto Github PK
View Code? Open in Web Editor NEWA script for advanced discovery of Privileged Accounts - includes Shadow Admins
License: BSD 3-Clause "New" or "Revised" License
A script for advanced discovery of Privileged Accounts - includes Shadow Admins
License: BSD 3-Clause "New" or "Revised" License
“\� : The module '“' could not be loaded. For more information, run 'Import-Module “'.
At C:\Users\jxc11\Downloads\ACLight-master\ACLight-master\ACLight.ps1:250 char:57
$NameArray = $_.UpdatedIdentityReference -Split(“\\�)
~~~~~~~~
When I execute the .bat file I get
C:\ACLight2>Execute-ACLight2.bat
The syntax of the command is incorrect.
C:\ACLight2><!DOCTYPE html>
The directory contents are
10/14/2021 11:25 AM 1,067,335 ACLight2.ps1
10/14/2021 11:25 AM 148,510 ACLight2.psd1
10/14/2021 11:25 AM 139,894 ACLight2.psm1
10/14/2021 11:25 AM 146,122 Execute-ACLight2.bat
10/14/2021 11:25 AM 152,299 LICENSE.htm
10/14/2021 11:25 AM 153,536 README.md
Execute-ACLight2.bat from a directory with the same contents.
The account scan should run.
C:\ACLight2>Execute-ACLight2.bat
The syntax of the command is incorrect.
C:\ACLight2><!DOCTYPE `html>`
v 2
Windows on bare metal
Add any other context about the problem here.
Per example 2 on here: https://www.cyberark.com/threat-research-blog/shadow-admins-stealthy-accounts-fear/
The script should be able to detect when an account has the "Reset Password" permission for a domain admin account, but it does not. Small domain (1 DC, 8 computers, 5 users)
Sir can you please share technet c2 server script for research purposes please,if it's possible.
I have a large test lab of over 100,000 users. I ran this on a VM with 8 GB RAM and got the following:
Array dimensions exceeded supported range.
At line:578 char:17
+ $domainUserList += $domainUsers.name
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], OutOfMemoryException
+ FullyQualifiedErrorId : System.OutOfMemoryException`
This was after the CSV was created. and after the following output:
All the processes completed. Now, starting Accounts analysis..
So your tool never finishes as far I can tell. I have left it going for nearly 24 hours now.
I had this warning message:
Scanning ACLs - Layer 4
WARNING: An error occurred while enumerating through a collection: The (&(name=)(distinguishedname=)(|(objectSid=S-1-5-21-915214332-934432599-2099212325-31100)(objectSid=S-1-5-21-915214332-93443259
9-2099212325-31990)(objectSid=))) search filter is invalid.
There were no previous layer warnings or errors.
Get-NetGroupMember : Unable to find Group
At C:\Users\jxc11\Downloads\ACLight-master\ACLight-master\ACLight.ps1:635 char:54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For your information:
What I want to do is to execute the script on a machine that is not in the target domain . So I played a tricky way:
Configuring the dns of the server 08 to point to the target DC.
Using cmd and execute:
c:> runas /netonly /user:xxx.com\username powershell
now I have a domain user powershell, then:
PS c:> import-module aclight2.psm1
PS c:> Start-ACLsAnalysis
Unfortunately, I got some error...
And the script was tested successfully on a Windows 10 which is in the domain.
Please check this, Thanks a lot.
I received the below error
Get-NetGroupMember : Unable to find Group
At D:\Downloads\ACLight-master\ACLight.ps1:635 char:54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.