pywerview v0.4.1
ThePirateWhoSmellsOfSunflowers
released this
26 Jan 15:20
·
100 commits
to master
since this release
Features
- Added a
--laps-passwords
option toget-netcomputer
to query only computers for which the user can read LAPS passwords (thanks @SAERXCIT). - Added
allowed-to-authenticate
in the right filter list forget-objectacl
. This can be useful when Selective Authentication is set (see https://twitter.com/AlmondOffSec/status/1577958969523535873). - Added a
--pre-created
option toget-netcomputer
to return potentially vulnerable computer accounts (see https://www.trustedsec.com/blog/diving-into-pre-created-computer-accounts/). Caution: This option is prone to false positives and negatives. - Added a Dockerfile based on a Ubuntu image (thanks @sdcampbell and @p1gp1g).
Modifications
useraccountcontrol
attribute is now returned when usingget-netgroupmember
function. This can be useful to detect disabled admin accounts or accounts that are not allowed for delegation.- The project now uses
beautifulsoup4
instead ofbs4
package (thanks @fabaff). ms-Mcs-AdmPwdExpirationTime
is now formatted as a timestamp.get-netcomputer
now returns all computer accounts even those withoutdnshostname
.samaccountype
attribute is now formatted as a string.- The project now falls back to pycryptodome if pycryptodomex is not installed (thanks @thesamesam).
get-netgroupmember
now returns also computer accounts- Better exception handling to detect Channel Binding and LDAP Signing