Beacon's Net Module

Beacon’s net module provides tools to interrogate and discover targets in a Windows active directory network.

Use net [pid] [arch] [command] [arguments] to inject the network and host enumeration tool into the specified process. Use net [command] [arguments] (without [pid] and [arch] arguments) to spawn a temporary process and inject the network and host enumeration tool into it. An exception is the net domain command which is implemented as a BOF.net domain.

The commands in Beacon’s net module are built on top of the Windows Network Enumeration APIs. Most of these commands are direct replacements for many of the built-in net commands in Windows (there are also a few unique capabilities here as well). The following commands are available:

Usage: net [COMMAND] [ARGUMENTS]

• 1. computers (Lists hosts in a domain (groups))

• 1. dclist (Lists domain controllers. (populates the targets model))

• 1. domain (Display domain for this host)

• 1. domain_controllers (Lists DCs in a domain (groups))

• 1. domain_trusts (Lists domain trusts)

• 1. group (Lists groups and users in groups)

• 1. localgroup (Lists local groups and users in local groups. (great during lateral movement when you have to find who is a local admin on another system).)

• 1. logons (Lists users logged onto a host)

• 1. sessions (Lists sessions on a host)

• 1. share (Lists shares on a host)

• 1. user (Lists users and user information)

• 1. time (Show time for a host)

• 1. view (Lists hosts in a domain (browser service). (populates the targets model))