Press "Enter" to skip to content

Month: March 2015

Domain Trusts: Why You Should Care

[Edit 8/13/15] – Here is how the old version 1.9 cmdlets in this post translate to PowerView 2.0: Get-NetForestDomains  ->  Get-NetForestDomain Get-NetDomainTrusts  ->  Get-NetDomainTrust Get-NetForestTrusts  ->  Get-NetForestTrust Invoke-MapDomainTrusts  ->  Invoke-MapDomainTrust Invoke-FindUserTrustGroups  ->  Find-ForeignUser Get-NetDomainControllers  ->  Get-NetDomainController Red teams have been abusing Windows domain trusts for years with great success, but the topic is still underrepresented in public infosec discussions. While the community has started to talk more about Active Directory exploitation (see Carlos Perez’s talk at Derbycon ’14) I haven’t seen a huge amount of information discussing domain trusts from an offensive perspective. I have to admit, this topic was pretty murky for me…