⚙️
OAO (Operating Account Operators)
⚙️ Operating Account Operators (OAO) is a Golang tool to interact with the LDAP protocol to manage account groups, roles, ACLs/ACEs, etc...
🕵️
What is OAO?
⚡
Installing / Getting started
A quick guide of how to install and use OAO.
1. go install github.com/oppsec/[email protected]
2. OAO -u domain.local/username:[email protected] -g 'Domain Admins' -m add/rem
You can use go install github.com/oppsec/[email protected]
to update the tool
⚙️
Pre-requisites
- Golang installed on your machine
- An valid user on domain with LDAP access
✨
Features
- Interact direct with LDAP (not malicious)
- Windows shell don't required
- Extremely fast
- Low RAM and CPU usage
- Made in Golang
⚔️
Attack Scenario & Suggestions
First of all, we suggest you use this tool in combination with BloodHound to easily find exploitable paths. You can find a real attack scenario in our article we used another version to just add a specific user to a group with high privileges and use DSync attack to extract the Domain Admin NTLM hash.
🔨
Contributing
A quick guide of how to contribute with the project.
1. Create a fork from OAO repository
2. Download the project with git clone https://github.com/your/OAO.git
3. cd OAO/
4. Make your changes
5. Commit and make a git push
6. Open a pull request
⚠️
Warning
- The developer is not responsible for any malicious use of this tool.