PowerView

Last modified: 2024-09-14

A Powershell’s script to gain network situational awareness on Windows domain.

Enabling PowerView on PowerShell

Import-Module .\PowerView.ps1

To start PowerView

. .\PowerView.ps1

Enumeration

# List domain users
Get-NetUser | select cn

# List domain groups
Get-NetGroup -GroupName *admin*

# Get shared folders
Invoke-ShareFinder

# Get operating systems running
Get-NetComputer -fulldata | select operatingsystem

# Find files or directories
Get-ChildItem -r -Filter "*.txt" -Name

Privilege Escalation

Set New Password for Existing User

$Username = "John"
$Password = ConvertTo-SecureString 'Password@123' -AsPlainText -Force
Set-DomainUserPassword -Identity $Username -AccountPassword $Password

Active Directory

Protocol

Service

Privilege Escalation

Post Exploitation

Forensics

PowerShell

WSL

Technique

PowerView

Enabling PowerView on PowerShell

Enumeration

Privilege Escalation

Set New Password for Existing User

ON THIS PAGE