update a little bit

main
mpgn 2022-10-31 08:33:41 -04:00
parent 132332a8fd
commit 3942eab31b
3 changed files with 37 additions and 21 deletions


@ -268,6 +268,11 @@ class ldap(connection):
hash_asreproast.write(hash_TGT + '\n')
return False
if not all('' == s for s in [self.nthash, password, aesKey]):
kerb_pass = next(s for s in [self.nthash, password, aesKey] if s)
else:
kerb_pass = ''
try:
# Connect to LDAP
proto = "ldaps" if self.args.gmsa else "ldap"
@ -284,7 +289,7 @@ class ldap(connection):
self.username,
# Show what was used between cleartext, nthash, aesKey and ccache
" from ccache" if useCache
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '' or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
self.logger.extra['protocol'] = "LDAP"
@ -308,7 +313,7 @@ class ldap(connection):
self.logger.error(u'{}\\{}{} {}'.format(self.domain,
self.username,
" from ccache" if useCache
else ":%s" % (next((sub for sub in [self.nthash, password, aesKey] if sub != '' or sub != None)) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
str(error)),
color='magenta' if error in ldap_error_status else 'red')
return False
@ -316,7 +321,7 @@ class ldap(connection):
self.logger.error(u'{}\\{}{} {}'.format(self.domain,
self.username,
" from ccache" if useCache
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '' or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
''),
color='red')
return False
@ -338,7 +343,7 @@ class ldap(connection):
out = u'{}\\{}{} {}'.format(domain,
self.username,
" from ccache" if useCache
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '' or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
if self.username == '':
@ -372,7 +377,7 @@ class ldap(connection):
self.logger.error(u'{}\\{}{} {}'.format(self.domain,
self.username,
" from ccache" if useCache
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '' or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
str(error)),
color='magenta' if error in ldap_error_status else 'red')
return False
@ -381,7 +386,7 @@ class ldap(connection):
self.logger.error(u'{}\\{}{} {}'.format(self.domain,
self.username,
" from ccache" if useCache
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '' or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
ldap_error_status[errorCode] if errorCode in ldap_error_status else ''),
color='magenta' if errorCode in ldap_error_status else 'red')
return False
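Review bot: The `kerb_pass` block added at the top of this section can raise `StopIteration`, because the guard compares with `'' == s` while the `next(...)` filter tests truthiness. If one of `self.nthash`, `password` or `aesKey` is `None` and the others are empty, the guard passes and the generator yields nothing. Whether `None` can reach this point is not visible in the hunk, although the replaced expressions did compare against `None`. A single line, `kerb_pass = next((s for s in [self.nthash, password, aesKey] if s), '')`, handles both cases and replaces the four-line if/else; the same block is added in the mssql and smb sections. The enclosing method starts and ends outside the hunk.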


@ -24,6 +24,7 @@ class mssql(connection):
self.server_os = None
self.hash = None
self.os_arch = None
self.nthash = ''
connection.__init__(self, args, db, host)
@ -165,18 +166,23 @@ class mssql(connection):
pass
self.create_conn_obj()
logging.getLogger("impacket").disabled = True
try:
nthash = ''
hashes = None
if ntlm_hash != '':
if ntlm_hash.find(':') != -1:
hashes = ntlm_hash
nthash = ntlm_hash.split(':')[1]
else:
# only nt hash
hashes = ':%s' % ntlm_hash
nthash = ntlm_hash
nthash = ''
hashes = None
if ntlm_hash != '':
if ntlm_hash.find(':') != -1:
hashes = ntlm_hash
nthash = ntlm_hash.split(':')[1]
else:
# only nt hash
hashes = ':%s' % ntlm_hash
nthash = ntlm_hash
if not all('' == s for s in [self.nthash, password, aesKey]):
kerb_pass = next(s for s in [self.nthash, password, aesKey] if s)
else:
kerb_pass = ''
try:
res = self.conn.kerberosLogin(None, username, password, domain, hashes, aesKey, kdcHost=kdcHost, useCache=useCache)
if res is not True:
self.conn.printReplies()
@ -191,7 +197,7 @@ class mssql(connection):
username,
# Show what was used between cleartext, nthash, aesKey and ccache
" from ccache" if useCache
else ":%s" % (next(sub for sub in [nthash, password, aesKey] if sub != '' or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
self.logger.success(out)
if not self.args.local_auth:
@ -203,7 +209,7 @@ class mssql(connection):
username,
# Show what was used between cleartext, nthash, aesKey and ccache
" from ccache" if useCache
else ":%s" % (next(sub for sub in [nthash, password, aesKey] if sub != '' or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
e))
return False
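Review bot: `kerb_pass` is built from `self.nthash`, but the only assignment to `self.nthash` visible in this section is the `''` added in `__init__`; the hash parsed from `ntlm_hash` just above goes into the local `nthash`. If nothing outside these hunks sets `self.nthash`, a hash-only Kerberos login will log an empty credential after the colon in both the success and the error line. Building it from the local, `kerb_pass = next((s for s in [nthash, password, aesKey] if s), '')`, or adding `self.nthash = nthash` after the parsing, would keep the logged value in step with what was sent to `kerberosLogin`. The method body continues outside the hunks shown.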


@ -347,6 +347,11 @@ class smb(connection):
self.create_conn_obj()
lmhash = ''
nthash = ''
if not all('' == s for s in [self.nthash, password, aesKey]):
kerb_pass = next(s for s in [self.nthash, password, aesKey] if s)
else:
kerb_pass = ''
try:
if not self.args.laps:
self.password = password
@ -367,7 +372,7 @@ class smb(connection):
self.username,
# Show what was used between cleartext, nthash, aesKey and ccache
" from ccache" if useCache
else ":%s" % (next(sub for sub in [nthash,password,aesKey] if sub != '' or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
self.logger.success(out)
if not self.args.local_auth:
@ -397,7 +402,7 @@ class smb(connection):
self.username,
# Show what was used between cleartext, nthash, aesKey and ccache
" from ccache" if useCache
else ":%s" % (next(sub for sub in [nthash,password,aesKey] if sub != '' or sub != None or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
else ":%s" % (next(sub for sub in [nthash,password,aesKey] if (sub != '' and sub != None) or sub != None) if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
error,
'({})'.format(desc) if self.args.verbose else ''),
color='magenta' if error in smb_error_status else 'red')
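Review bot: The last hunk of this section still formats the credential with an inline `next(...)` instead of the new `kerb_pass`. In both printed variants the condition does not exclude the empty string: `(sub != '' and sub != None) or sub != None` reduces to `sub != None`, so the empty local `nthash` is picked ahead of a non-empty `password`. Replacing that argument with `else ":%s" % (kerb_pass if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),` would make the failure log agree with the success log above it. Separately, `kerb_pass` is computed before the `try` from `self.nthash`, so if `self.nthash` is only populated later in the method (not visible here) the logged value may be stale. The method starts and ends outside the hunks.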