▣ Executive Summary
Total Identities
14
users · groups · computers
DA Path Holders
3
identities with DA access
Escalation Paths
3
routes to Domain Admin
Kerberoastable
3
SPN-bearing identities
ACL Abuse Targets
0
high-risk permission chains
Delegation Risks
1
unconstrained / constrained
⟶ Domain Admin Privilege Paths
3
| Identity | Path Count | Shortest (hops) | Example Paths |
| User:Administrator |
1 |
2 |
- User:Administrator→Group:Domain Admins
|
| User:vkohli |
1 |
3 |
- User:vkohli→Group:Director→Group:Domain Admins [INDIRECT]
|
| User:jbumrah |
1 |
3 |
- User:jbumrah→Group:Director→Group:Domain Admins [INDIRECT]
|
⚿ Kerberoastable Identities
3
| Identity | Service Principal Names | DA Path? | Risk |
|---|
| User:krbtgt |
kadmin/changepw |
NO |
MEDIUM |
| User:rsharma |
HTTP/hr-app.blues.local |
NO |
HIGH |
| Computer:BLUES-DC$ |
Dfsr-12F9A27C-BF97-4787-9364-D31B6C55EB04/Blues-DC.Blues.localldap/Blues-DC.Blues.local/ForestDnsZones.Blues.localldap/Blues-DC.Blues.local/DomainDnsZones.Blues.localDNS/Blues-DC.Blues.localGC/Blues-DC.Blues.local/Blues.localRPC/2e7cb30a-bcf3-4cf2-9285-5dcf28936f2b._msdcs.Blues.localE3514235-4B06-11D1-AB04-00C04FC2DCD2/2e7cb30a-bcf3-4cf2-9285-5dcf28936f2b/Blues.localldap/BLUES-DC/BLUESldap/2e7cb30a-bcf3-4cf2-9285-5dcf28936f2b._msdcs.Blues.localldap/Blues-DC.Blues.local/BLUESldap/BLUES-DCldap/Blues-DC.Blues.localldap/Blues-DC.Blues.local/Blues.local |
NO |
MEDIUM |
⇌ Delegation Configuration Risks
1
Computer:BLUES-DC$
→
Identity:*
MEDIUM
Delegation Type
unconstrained
Conditions
target_authenticatesforwardable_ticket
⊡ ACL Permission Abuse Chains
0
✓No ACL abuse chains detected
◈ Authorization Graph Explorer
5N / 4E
nodes 5edges 4
Drag nodes · Scroll to zoom · Pan on canvas · Hover for details