Repositories
The project consists of repositories:
Disclaimer
It’s only for education purposes.
Avoid using it on the production Active Directory (AD) domain.
Neither contributor incur any responsibility for any using it.
Social media
Check out our Red Team community Telegram channel
Description Architecture
For the visual descriptions, open the diagram files using the diagrams.net tool.
The app consists of:
Functionallity
The DC Sonar Community provides functionality for analyzing AD domains for security risks related to accounts:
Register analyzing AD domain in the app
See the statuses of domain analyzing processes
Dump and brute NTLM hashes from set AD domains to list accounts with weak and vulnerable passwords
Analyze AD domain accounts to list ones with never expire passwords
Analyze AD domain accounts by their NTLM password hashes to determine accounts and domains where passwords repeat
Installation Docker
In progress …
Manually using dpkg
It is assumed that you have a clean Ubuntu Server 22.04 and account with the username “user”.
The app will install to /home/user/dc-sonar.
The next releases maybe will have a more flexible installation.
Download dc_sonar_NNNN.N.NN-N_amd64.tar.gz from the last distributive to the server.
Create a folder for extracting files:
mkdir dc_sonar_NNNN.N.NN-N_amd64
Extract the downloaded archive:
tar -xvf dc_sonar_NNNN.N.NN-N_amd64.tar.gz -C dc_sonar_NNNN.N.NN-N_amd64
Go to the folder with the extracted files:
cd dc_sonar_NNNN.N.NN-N_amd64/
Install PostgreSQL:
sudo bash install_postgresql.sh
Install RabbitMQ:
sudo bash install_rabbitmq.sh
Install dependencies:
sudo bash install_dependencies.sh
Read more