addcomputer.py
Using Impacket’s addcomputer.py Tool
Purpose
The addcomputer.py tool from the Impacket suite allows users to add a computer account to an Active Directory (AD) domain. This is useful in testing Active Directory security, as adding computer accounts without proper permissions can reveal misconfigurations or excessive privileges assigned to users. It is often used in penetration testing to understand how attackers might exploit these privileges.
How It Works
The tool leverages LDAP (Lightweight Directory Access Protocol) to communicate with the AD domain and create new computer accounts. If an attacker compromises credentials with sufficient privileges, they could use this to create rogue devices within the domain.
Steps to Use addcomputer.py
1. Verify Required Privileges
Ensure the user account whose credentials you’ll provide has permissions to create new computer accounts in the target domain.
2. Gather Necessary Information
- Target domain (e.g., example.com).
- Credentials of the user account (e.g., username and password).
- Name of the new computer to add (e.g., FakeComputer$).
- Optional: Provide an NTLM hash instead of a plaintext password.
3. Run the Command
Execute addcomputer.py with the appropriate arguments to add the computer.
Command Syntax
addcomputer.py -dc-ip <DomainControllerIP> <domain>/<username>:<password>
- -dc-ip: Specifies the IP address of the domain controller.
- <domain>/<username>:<password>: The credentials for the domain user.
Example Command
Here’s an example of adding a computer named FakeComputer$ with a password of Password123 to the example.com domain:
addcomputer.py -dc-ip 192.168.1.100 example.com/user:Password123 -computer-name FakeComputer$ -computer-pass Password123
- -computer-name: Specifies the name of the computer to add (FakeComputer$).
- -computer-pass: Sets the password for the computer account.
Additional Options
- -hashes: Use NTLM hash instead of plaintext password:
addcomputer.py -dc-ip 192.168.1.100 example.com/user -hashes <NTLM_HASH> -computer-name FakeComputer$ -computer-pass Password123
- -debug: Enable debug output for troubleshooting.
Output
If successful, the tool will confirm that the computer account was added to the domain. You can verify this by querying the AD domain for the new computer account.
Security Implications
Using addcomputer.py highlights potential misconfigurations in Active Directory. Best practices include:
- Restricting who can add computer accounts.
- Monitoring for suspicious new computer accounts.
By testing with addcomputer.py, organizations can improve their AD security and mitigate potential vulnerabilities.
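For the monitoring recommendation above, an added example (not part of the original page or of Impacket): a Python check over Windows Security event 4741 ("A computer account was created") records, exported as event XML, that reports creations by accounts outside an approved provisioning list. The sample records, the svc-provision account name and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespace used by Windows event XML.
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Minimal record shape: only the fields this check reads.
TEMPLATE = (
    '<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    "<System><EventID>{eid}</EventID></System><EventData>"
    '<Data Name="TargetUserName">{target}</Data>'
    '<Data Name="SubjectUserName">{subject}</Data>'
    "</EventData></Event>"
)

# Constructed sample records (not real logs): (event id, new account, creator).
SAMPLE = [TEMPLATE.format(eid=e, target=t, subject=s) for e, t, s in [
    (4741, "WKS-0142$", "svc-provision"),   # expected provisioning activity
    (4741, "FakeComputer$", "user"),        # ordinary user created a computer
    (4624, "-", "user"),                    # unrelated logon event, ignored
]]


def parse_creation(xml_text):
    """Return (creator, new_account) for a 4741 record, else None."""
    root = ET.fromstring(xml_text)
    if root.findtext("e:System/e:EventID", namespaces=NS) != "4741":
        return None
    data = {d.get("Name"): (d.text or "")
            for d in root.iterfind("e:EventData/e:Data", NS)}
    return data.get("SubjectUserName", ""), data.get("TargetUserName", "")


def review(events, approved_creators):
    """List computer-account creations by accounts outside the approved set."""
    approved = {a.lower() for a in approved_creators}
    findings = []
    for xml_text in events:
        parsed = parse_creation(xml_text)
        if parsed and parsed[0].lower() not in approved:
            findings.append({"creator": parsed[0], "computer": parsed[1]})
    return findings


if __name__ == "__main__":
    for f in review(SAMPLE, approved_creators={"svc-provision"}):
        print(f"unapproved computer account {f['computer']} created by {f['creator']}")
```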