Merge branch 'master' of github.com:zblurx/CrackMapExec
commit
5d60eb0d10
|
@ -12,6 +12,7 @@ from cme.helpers.bloodhound import add_user_bh
|
|||
from cme.helpers.powershell import create_ps_command
|
||||
from impacket import tds
|
||||
import configparser
|
||||
from impacket.krb5.ccache import CCache
|
||||
from impacket.smbconnection import SMBConnection, SessionError
|
||||
from impacket.tds import SQLErrorException, TDS_LOGINACK_TOKEN, TDS_ERROR_TOKEN, TDS_ENVCHANGE_TOKEN, TDS_INFO_TOKEN, \
|
||||
TDS_ENVCHANGE_VARCHAR, TDS_ENVCHANGE_DATABASE, TDS_ENVCHANGE_LANGUAGE, TDS_ENVCHANGE_CHARSET, TDS_ENVCHANGE_PACKETSIZE
|
||||
|
@ -189,6 +190,12 @@ class mssql(connection):
|
|||
return False
|
||||
|
||||
self.password = password
|
||||
if username == '' and useCache:
|
||||
ccache = CCache.loadFile(os.getenv('KRB5CCNAME'))
|
||||
principal = ccache.principal.toPrincipal()
|
||||
self.username = principal.components[0]
|
||||
username = principal.components[0]
|
||||
else:
|
||||
self.username = username
|
||||
self.domain = domain
|
||||
self.check_if_admin()
|
||||
|
|
|
@ -14,10 +14,10 @@ class navigator(DatabaseNavigator):
|
|||
for cred in creds:
|
||||
|
||||
credID = cred[0]
|
||||
domain = cred[1]
|
||||
username = cred[2]
|
||||
password = cred[3]
|
||||
credtype = cred[4]
|
||||
credtype = cred[1]
|
||||
domain = cred[2]
|
||||
username = cred[3]
|
||||
password = cred[4]
|
||||
# pillaged_from = cred[5]
|
||||
|
||||
links = self.db.get_admin_relations(userID=credID)
|
||||
|
|
|
@ -370,6 +370,11 @@ class smb(connection):
|
|||
self.conn.kerberosLogin(username, password, domain, lmhash, nthash, aesKey, kdcHost, useCache=useCache)
|
||||
self.check_if_admin()
|
||||
|
||||
if username == '':
|
||||
self.username = self.conn.getCredentials()[0]
|
||||
else:
|
||||
self.username = username
|
||||
|
||||
out = u'{}\\{}{} {}'.format(self.domain,
|
||||
self.username,
|
||||
# Show what was used between cleartext, nthash, aesKey and ccache
|
||||
|
|
Loading…
Reference in New Issue