wh0amitz / SharpRODC Public

Notifications You must be signed in to change notification settings
Fork 8
Star 113

To audit the security of read-only domain controllers

113 stars 8 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
SharpRODC		SharpRODC
packages		packages
README.md		README.md
SharpRODC.sln		SharpRODC.sln

Repository files navigation

SharpRODC

To audit the security of read-only domain controllers, I created the SharpRODC project, a simple .NET tool for RODC-related misconfiguration. For more details on attacking RODC please read my blog: “Revisiting a Abuse of Read-Only Domain Controllers (RODCs)”

The tool enumerates the following from Active Directory:

DACL of the RODC object
RODC's Krbtgt account
DACL of the "Allowed RODC Password Replication Group" object
DACL of the "Denied RODC Password Replication Group" object
"managedBy" attribute value of RODC object
DACL of the user or group to whom RODC administrative rights are delegated
"msDS-RevealOnDemandGroup" attribute value of the RODC object
"msDS-NeverRevealGroup" attribute value of the RODC object
"msDS-RevealedList attribute" value of the RODC object
RODC-related DACL on the domain partition object

About

To audit the security of read-only domain controllers

windows active-directory blueteam redteam rodc

Report repository

Releases

No releases published

Packages

No packages published

Languages

C# 100.0%