Abuse-WriteOwner is a Python script designed to automate the exploitation of the WriteOwner permission in Active Directory (AD) objects. This tool allows security professionals to:
- Take ownership of an AD object.
- Assign themselves
GenericAllpermissions on the object. - Reset the object's password.
- Optionally clean up changes by removing
GenericAllpermissions.
This tool is intended for authorized penetration testing and red team operations only. Unauthorized use is illegal.
- Automates privilege escalation using
WriteOwnerin AD. - Uses Impacket tools to modify ownership and permissions.
- Integrates the
netcommand for password changes. - Provides optional cleanup functionality.
- Impacket: Ensure the
owneredit.pyanddacledit.pyscripts from Impacket are in the working directory. net** Command**: Pre-installed on systems like Kali Linux, accessible via PATH.
- Python 3.6 or higher.
- Operating system: Kali Linux or similar security-focused distributions.
- Attacker account must have
WriteOwnerpermissions on the target AD object.
-
Clone this repository:
git clone https://github.com/your-username/WriteOwner-Abuse.git cd WriteOwner-Abuse -
Install Impacket if not already installed:
pip install impacket
-
Ensure
owneredit.pyanddacledit.pyare in the script's directory.
python writeowner_abuse.py \
-d <domain_name> \
-u <attacker_username> \
-p <attacker_password> \
-vu <victim_username> \
-dc <domain_controller_fqdn> \
-np <new_password>When prompted, you can choose to remove the added GenericAll permissions:
[?] Do you want to remove the added permissions? (yes/no): yesThis tool is for educational purposes and authorized security assessments only. Unauthorized use of this tool against systems without explicit permission is illegal and unethical.