Note that package versions prior to 3.5 were not official. This package is self-contained and it will also install all dependencies. Since PowerShell 5, you can install the DSInternals module directly from the official PowerShell Gallery by running the following command:Ĭhoco install dsinternals -psmodule -confirm In case you would also like to help with this project, please see the CONTRIBUTING document. I would like to thank all people who have contributed to the project by sending their feedback or by submitting their code.
I have created these tools in my spare time and I am using them while performing AD security audits and also in my lectures to demonstrate how Active Directory works internally. Improper use might cause irreversible damage to domain controllers or negatively impact domain security.
Password hash calculation, including NT hash, LM hash and kerberos keys.ĭISCLAIMER: Features exposed through these tools are not supported by Microsoft. Extracting credential roaming data and DPAPI domain backup keys, either online through directory replication, LSARPC and offline from ntds.dit. LSA Policy modification through the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD / LSARPC). Domain or local account password hash injection through the Security Account Manager (SAM) Remote Protocol (MS-SAMR) or directly into the database. Online password hash dumping through the Directory Replication Service (DRS) Remote Protocol (MS-DRSR). 
Offline ntds.dit file manipulation, including hash dumping, password resets, group membership changes, SID History injection and enabling/ disabling accounts. Bare-metal recovery of domain controllers from just IFM backups (ntds.dit + SYSVOL). New NGC keys can also be registered through the MS-DRSR protocol. Keys can also be tested against the ROCA vulnerability. Key credential auditing and generation, including support for NGC, FIDO2 and STK keys. Active Directory password auditing that discovers accounts sharing the same passwords or having passwords in a public database like HaveIBeenPwned or in a custom dictionary. Azure Active Directory FIDO2 key auditing and retrieval of system information about all user-registered key credentials. 
The DSInternals PowerShell Module provides easy-to-use cmdlets that are built on top of the Framework.The codebase has already been integrated into several 3 rd party commercial products that use it in scenarios like Active Directory disaster recovery, identity management, cross-forest migrations and password strength auditing. The DSInternals Framework exposes several internal features of Active Directory and can be used from any.The DSInternals project consists of these two parts:
0 kommentar(er)
