-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSearchRBCD.ps1
More file actions
27 lines (21 loc) · 953 Bytes
/
SearchRBCD.ps1
File metadata and controls
27 lines (21 loc) · 953 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# import the PowerView module
Import-Module C:\Tools\PowerView.ps1
# get all computers in the domain
$computers = Get-DomainComputer
# get all users in the domain
$users = Get-DomainUser
# define the required access rights
$accessRights = "GenericWrite","GenericAll","WriteProperty","WriteDacl"
# loop through each computer in the domain
foreach ($computer in $computers) {
# get the security descriptor for the computer
$acl = Get-ObjectAcl -SamAccountName $computer.SamAccountName -ResolveGUIDs
# loop through each user in the domain
foreach ($user in $users) {
# check if the user has the required access rights on the computer object
$hasAccess = $acl | ?{$_.SecurityIdentifier -eq $user.ObjectSID} | %{($_.ActiveDirectoryRights -match ($accessRights -join '|'))}
if ($hasAccess) {
Write-Output "$($user.SamAccountName) has the required access rights on $($computer.Name)"
}
}
}