Post

AD_Permissions_ReportGEN

AD_Permissions_ReportGEN

AD_Permissions_ReportGEN

I would argue that this is what started me on disproving Snake Oil and lies on the internet.

My memory is a little foggy on this one as it’s been years since it was built but from what I remember.

Someone on LinkedIn was claiming that an Application they had built in VB5 (from the looks, it was basic as sh*t) claimed that this ‘Cyber Goldfinger Weapon’ would, once ran, output a list of all AD users and their permissions in a csv file for easy checking and was worth ONE BILLION DOLLARS!

Yes.

That was my reaction too.

I literally fell off the chair with laughter.

I knew it wasn’t worth anything, in fact I was entirely sure it was a built in feature of Windows and Powershell.

So after about 20 minutes of digging and a little quick test. I created a Powershell ps1 script that would output users and permissions from AD to a csv file.

Needless to say they shut up and disappeared REAL QUICK after this was revealed and even my good Dan @UK_Daniel_Card tested this and shared the results on twitter.

Yep did exactly what it should do and didn’t cost anything besides 25 minutes of my time.

My first FUD Fighting activity was 20 minutes on Google and 5 minutes coding, If only I knew then (2021) what I would be doing in 2024 fighting the FUD still.

Good Times.

If you want to see the project yourself you can see it here:

Ha3ks - AD_Permissions_ReportGEN on Github

🤙


I don’t have any sponsors or anything but if you enjoy my work, or feel sympathy for my wife, then I have set up a Ko-Fi account as well as a BuyMeACoffee people can donate to.

This post is licensed under CC BY 4.0 by the author.