Module: user

This module is used to query data about unprivileged accounts.

General usage:

🦝 > user <submodule>[=enabled]

Results can be exported to a CSV file by adding the keyword “export” at the end of the command:

🦝 > user <submodule> export

A CSV file will be generated in the “exports” directory.

user readlaps

This submodule checks whether any unprivileged user can read LAPS passwords.

🦝 > user readlaps

To filter by enabled users, “=enabled” must be used:

🦝 > user readlaps=enabled

user passwordneverexpires

This submodule finds all unprivileged users with a password that never expires.

🦝 > user passwordneverexpires

To filter by enabled users, “=enabled” must be used:

🦝 > user passwordneverexpires=enabled

user localadmin

This submodule finds all unprivileged users with local admin rights on computers.

🦝 > user localadmin

To filter by enabled users, “=enabled” must be used:

🦝 > user localadmin=enabled

user localadminDC

This submodule finds all unprivileged users with local admin rights on domain controllers.

🦝 > user localadminDC

To filter by enabled users, “=enabled” must be used:

🦝 > user localadminDC=enabled