diff options
| -rwxr-xr-x | Recon/PowerView.ps1 | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/Recon/PowerView.ps1 b/Recon/PowerView.ps1 index 524c85e..021f9be 100755 --- a/Recon/PowerView.ps1 +++ b/Recon/PowerView.ps1 @@ -8751,11 +8751,12 @@ Switch. Return users with '(adminCount=1)' (meaning are/were privileged). .PARAMETER GroupScope Specifies the scope (DomainLocal, Global, or Universal) of the group(s) to search for. +Also accepts NotDomainLocal, NotGloba, and NotUniversal as negations. .PARAMETER GroupProperty Specifies a specific property to search for when performing the group search. -Possible values are Security, Distribution, and CreatedBySystem. +Possible values are Security, Distribution, CreatedBySystem, and NotCreatedBySystem. .PARAMETER Domain @@ -8919,12 +8920,12 @@ Custom PSObject with translated group property fields. [Switch] $AdminCount, - [ValidateSet('DomainLocal', 'Global', 'Universal')] + [ValidateSet('DomainLocal', 'NotDomainLocal', 'Global', 'NotGlobal', 'Universal', 'NotUniversal')] [Alias('Scope')] [String] $GroupScope, - [ValidateSet('Security', 'Distribution', 'CreatedBySystem')] + [ValidateSet('Security', 'Distribution', 'CreatedBySystem', 'NotCreatedBySystem')] [String] $GroupProperty, @@ -9075,18 +9076,22 @@ Custom PSObject with translated group property fields. if ($PSBoundParameters['GroupScope']) { $GroupScopeValue = $PSBoundParameters['GroupScope'] $Filter = Switch ($GroupScopeValue) { - 'DomainLocal' { '(groupType:1.2.840.113556.1.4.803:=4)' } - 'Global' { '(groupType:1.2.840.113556.1.4.803:=2)' } - 'Universal' { '(groupType:1.2.840.113556.1.4.803:=8)' } + 'DomainLocal' { '(groupType:1.2.840.113556.1.4.803:=4)' } + 'NotDomainLocal' { '(!(groupType:1.2.840.113556.1.4.803:=4))' } + 'Global' { '(groupType:1.2.840.113556.1.4.803:=2)' } + 'NotGlobal' { '(!(groupType:1.2.840.113556.1.4.803:=2))' } + 'Universal' { '(groupType:1.2.840.113556.1.4.803:=8)' } + 'NotUniversal' { '(!(groupType:1.2.840.113556.1.4.803:=8))' } } Write-Verbose "[Get-DomainGroup] Searching for group scope '$GroupScopeValue'" } if ($PSBoundParameters['GroupProperty']) { $GroupPropertyValue = $PSBoundParameters['GroupProperty'] $Filter = Switch ($GroupPropertyValue) { - 'Security' { '(groupType:1.2.840.113556.1.4.803:=2147483648)' } - 'Distribution' { '(!(groupType:1.2.840.113556.1.4.803:=2147483648))' } - 'CreatedBySystem' { '(groupType:1.2.840.113556.1.4.803:=1)' } + 'Security' { '(groupType:1.2.840.113556.1.4.803:=2147483648)' } + 'Distribution' { '(!(groupType:1.2.840.113556.1.4.803:=2147483648))' } + 'CreatedBySystem' { '(groupType:1.2.840.113556.1.4.803:=1)' } + 'NotCreatedBySystem' { '(!(groupType:1.2.840.113556.1.4.803:=1))' } } Write-Verbose "[Get-DomainGroup] Searching for group property '$GroupPropertyValue'" } |