BADministration: interfaces with management or administration applications from an offensive standpoint

BADministration

BADministration is a tool that interfaces with management or administration applications from an offensive standpoint. It aims to give offsec personnel the ability to identify and leverage the non-technical vulnerabilities in these applications. As always: use for good, promote security, and fight application propagation.

Current Modules

Solarwinds Orion

  • solarwinds-enum – Module used to enumerate clients of Orion
  • solarwinds-listalerts – Lists Orion alerts and draws attention to malicious BADministration alerts
  • solarwinds-alertremove – Removes the malicious alert
  • solarwinds-syscmd – Executes a system command on the Orion server via malicious alert
  • BADministration_SWDump.exe (standalone x64 .NET 4.5 executable) – Scrapes memory for WMI credentials used by Orion.
    • Can consume large amounts of memory; use at your own risk
    • Compile as x64

Install

git clone https://github.com/ThunderGunExpress/BADministration.git
cd BADministration
pip install -r requirements.txt

Use

Tutorial

Source: https://github.com/ThunderGunExpress/