The “Active Directory Tier Model” is a logical separation of AD assets, having some kind of security boundaries in between. The idea is to protect the most valued identities within the active directory (Tier 0), while standard desktops and users (Tier2, and in some cases Tier 3) can surf the web, check their email, or access services and applications that reside on a different tier (Tier 1). Microsoft provides extensive information on the Tier Model. The implementation of such model will help significantly mitigate “Credential Theft” techniques as it could be “Pass-the-Hash” or “Pass-the-ticket”, which are the basis of todays majority security breaches.
Info:
File is located in the CredentialCompartmentalizing/Credentials/src Directory
NOTE: The application is case-sensitive!!!
All runs of the application will show information on usage
FUN: You can customize the quote by modifying CredentialCompartmentalizing/Credentials/src/Supercool.txt
Run:
java Generator.java -l (Active Directory Priv Level) \n{Domain Admin, Domain Object Admin, Server Admin, Workstation Admin, Normal User}
OPTIONS:
-o: Outputs password to Passcode.txt
Help:
java Generator.java -h
Examples:
java Generator.java -l "Domain Object Admin"