Marshall Hallenbeck
c8b472321a
feat(cmedb): update queries and fix parameter names
2023-03-13 16:05:05 -04:00
Marshall Hallenbeck
4c3f68925b
chore(cmedb): remove debug print statements
2023-03-13 16:05:05 -04:00
Marshall Hallenbeck
86fa6d3437
chore(cmedb): remove unnecessary update_computer function
2023-03-13 16:05:05 -04:00
Marshall Hallenbeck
e34fdc2dda
feat(database): update each protocol to use sqlalchemy table reference and add database clear function; closes #189
2023-03-13 16:05:03 -04:00
Marshall Hallenbeck
18d2b273af
feat(cmedb): update cmedb.groups sql queries to use sqlalchemy
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
6d140bb1ce
feat(cmedb): update some functions for smb.creds
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
bc2ba6a025
feat(cmedb): update queries for smb.hosts
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
9185555c0f
feat(cmedb): update db connection reference and one query
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
7e2c9333fd
refactor(cmedb): fix cursor connection reference
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
f9f8de0c74
fix(cmedb): import print_table from cmedb
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
388f520103
WIP - cmedb update
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
218c9b745e
feat(sqlalchemy): WIP - working sqlalchemy session object being passed
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
1d5d558f99
fix(display table): properly check for new DB additions and clean up previous checks
2023-03-13 15:58:38 -04:00
Marshall Hallenbeck
5e9ea346fd
feat(cmedb): add additional fields to smb db
2023-03-13 15:58:07 -04:00
zblurx
bf254506d0
fix column for cme dpapi browser
2023-02-22 14:02:36 +01:00
zblurx
7bfdd0a75d
store dpapi secrets in cmedb
2023-02-22 13:58:53 +01:00
zblurx
393dfc3987
store domain backup key
2023-02-22 12:56:24 +01:00
mpgn
19a6c3887f
merge master into pr
2023-02-16 08:04:23 -05:00
zblurx
d5fb5cf36e
change pydes to pycryptodomex
2023-02-14 10:00:12 +01:00
zblurx
6f198372ca
merge firefox into dpapi core option
2023-02-13 11:48:12 +01:00
mpgn
c36a0fe445
add fqdn to kerberos option
2023-02-12 09:17:27 -05:00
mpgn
72c01b0688
add fqdn to kerberos option
2023-02-12 09:14:30 -05:00
lefayjey
0a472e9366
Use hostname in user and passpol for kerberos
2023-02-12 09:14:22 -05:00
lefayjey
5f5884785f
Fix ccache kerberos auth using rpc
2023-02-12 09:14:08 -05:00
mpgn
5696026ba0
Fix exec method with kerberos
2023-02-05 08:00:46 -05:00
mpgn
1ddddd5f47
Add samruser function with kerberos
2023-02-02 14:43:04 -05:00
Julio Ureña
c2993a5888
Modify remove_credentials to allow "creds remove"
...
`creds remove CredID` was not working because the method was commented on, I also changed the table name from credentials to users.
2022-12-12 14:39:29 -05:00
Julio Ureña
81b53b9652
Modify remove_credentials to allow "creds remove"
...
`creds remove CredID` was not working because the method was commented on, I also changed the table name from credentials to users.
2022-11-17 11:18:13 -04:00
iLightThings
c005d844e0
Merge branch 'master' into cme_db_detailed
2022-09-23 12:02:40 -04:00
mpgn
105ad97947
quick fix cmedb export share
2022-09-22 18:24:27 -04:00
iLightThings
ba5a421b3e
Added local admins. Made CSV write function.
2022-09-22 08:31:02 -04:00
Wlayzz
b57ba767f8
Adding shebang and encoding utf-8 for all python files
2022-07-19 01:59:14 +02:00
mpgn
c47c77ce2e
Fix cmedb issue
2022-06-21 05:45:57 -04:00
mpgn
75e19ae4b2
Merge pull request #545 from Serizao/master
...
Add smbv1 and signing into sqlite database
2022-06-18 23:50:18 +02:00
mpgn
e3c8aa2966
Update db_navigator.py
2022-06-18 23:49:57 +02:00
mpgn
44e7ff155d
finish adding smbv1 and signing into cmedb
2022-06-18 17:43:09 -04:00
mpgn
f8bfe833d8
Smbexec improvement "STATUS_OBJECT_NAME_NOT_FOUND" with server 2019
...
https://github.com/SecureAuthCorp/impacket/issues/777#issuecomment-1048253251
2022-06-18 17:00:40 -04:00
Sam Frees1de
f183b6bcc1
Add -codec execution option
2022-04-26 16:58:03 +03:00
Serizao
b7e2d686d3
Update database.py
2022-03-02 08:11:38 +01:00
Serizao
19523a75b5
Update database.py
2022-03-02 08:07:20 +01:00
Serizao
b6acf4f4e3
Update database.py
2022-03-02 08:01:58 +01:00
mpgn
e040752503
add debug print for smbexec method
2021-09-26 15:24:09 -04:00
mpgn
0000854b82
Remove filess method
2021-09-21 11:21:40 -04:00
mpgn
c3516fe9d5
Merge branch 'master' of https://github.com/Porchetta-Industries/CrackMapExec
2021-06-28 13:25:31 -04:00
mpgn
091915b990
Fix and add a lot, check commit message
...
Update LDAP proto:
- can fetch a LDAP domain from an account from another domain (trust relation between forest)
- fix sizeLimit to unlimited on LDAP queries
- fix little mistake in LDAP modules
Update SMB proto:
- fix users function when DC is vulnerable to NULL SESSION
- add SAMRPC function to fetch users on the domain
- add option --computers to fetch all computers
Update CLI
- add function export, but it's not tested
2021-06-24 14:38:24 -04:00
mpgn
719f18ac78
Fix cmedb encoding error #439
2021-01-21 05:08:06 -05:00
mpgn
b0aa66a074
Fix encode error on spider option #430
2020-11-27 18:46:41 -05:00
mpgn
cc7573155f
Fix pass policy max password age #435
2020-11-27 15:51:09 -05:00
byt3bl33d3r
cb5c8855ed
Version 5.1.3 🔥
...
- Replaced Gevent with AsyncIO
- Shares are now logged in the database and can be queried
- You can now press enter while a scan is being performed and CME will
give you a completion percentage and the number of hosts remaining to
scan
2020-11-15 16:42:28 -07:00
mpgn
280d497b0d
Add conditional check on the func login()
...
- modules, options will no longer be loaded if authentication fails
- add some try catch and fix some problem with the debug on the passpolicy class
2020-06-20 18:16:37 -04:00
mpgn
8931ec2300
Add Windows spec file to compile CME for Windows
2020-05-10 20:06:08 +02:00
mpgn
622245dcfa
Add support kerberos aesKey and kdcHost #22 add lsassy module kerberos support
...
add error when not credential found on lsassy module #368
2020-05-04 13:23:41 -04:00
mpgn
1308bc30c8
Adding Kerberos support for CME #22
...
TODO
- aeskey
- dc-ip
- checkifadmin()
2020-05-03 14:30:41 -04:00
mpgn
4dc4892660
Check if output is byte before decoding
2020-04-30 13:56:34 -04:00
mpgn
63cf5af003
Fix smbexec function #269
2020-04-28 06:19:33 -04:00
mpgn
ba04528738
Add feature: file as argument for -x and -X command #269
2020-04-27 16:38:30 -04:00
mpgn
f19f137b0d
Fix smbexec.py decode error
2020-04-22 11:04:22 -04:00
mpgn
2cf0c0fb90
Migrate cmedb to python3
2019-11-12 16:39:26 -05:00
mpgn
38acbbead5
Fix option --pass-pol in python3
...
error due to :
python2 => 1 / 2 = 0
python3 => 1 / 2 = 0.5
python3 => 1 // 2 = 0
2019-11-12 13:33:14 -05:00
mpgn
73ab379acc
Migrate function to python3
...
* --shares -> OK
* --sessions -> OK
* --disks -> OK
* --loggedon-users -> OK
* --users -> Not tested
* --rid-brute -> OK
* --groups -> Not tested
* --local-groups -> OK
* --pass-pol -> OK
2019-11-11 05:06:39 -05:00
mpgn
a29cf6760c
update python3
2019-11-10 18:39:00 -05:00
mpgn
c3c4b3192d
start python3 migration
2019-11-10 22:42:04 +01:00
Augustin Laville
fdb41c0125
Fix encoding in smb --sam
2019-04-12 13:32:38 +02:00
root
1a7174137c
Added remotehost in the spidering output. It is now //<remotehost>/<share>/<folder *>/<file>
2018-07-07 14:33:14 +00:00
Frank Spierings
2823452053
Update smbspider.py - Feature to use `--spider '*'` to spider all readable shares
...
I've added the option to allow spidering over all readable shares.
2018-07-07 16:00:59 +02:00
byt3bl33d3r
4b35455997
Refactored Database Menu code
...
- Fixed some MSSQL DB interaction bugs
- Made MSSQL DB schema more consistent
- cmedb output now gets formatted using terminaltables (so perty)
- Made everything a bit more PEP8 compliant
2017-11-02 17:43:08 +08:00
byt3bl33d3r
f1c6858e55
Fixed bug where creds dumped via mimikatz wouldn't be added to the database
2017-10-24 22:56:34 -06:00
Louis Dion-Marcil
527b58d05c
Don't make service auto-start (disable reboot persistence)
2017-08-04 14:19:06 -04:00
Louis Dion-Marcil
b9aff9579c
Debug message for service creation/modification
2017-08-04 14:18:39 -04:00
byt3bl33d3r
f4dfddc89b
Fixes #182
2017-06-23 12:15:09 -06:00
byt3bl33d3r
4ff034f366
Added enum_avproducts module, fixed module logging
...
- Modules now do not print output of commands called from their protocol
- Added the enum_avproducts module
- Fixed the mimikatz_enum_vault_creds to not display creds with invalid
passwords
- Added an export command to the SMB protocols DB navigator (as
suggested by @hatredshapedlikeaman)
- Misc output fixes
2017-05-07 21:16:18 -06:00
byt3bl33d3r
c71692e576
Fixed HTTP protocol exiting during setup and pass pol enumeration
2017-05-05 15:10:42 -06:00
byt3bl33d3r
fc147ddac0
Fixed content spidering and password policy enumeration
...
- Added enumeration for password complexity (resolves #135 )
2017-04-10 01:24:23 -06:00
byt3bl33d3r
57d5d7ca13
Y'all better be ready for this, initial 4.0 release
...
- Fixed an edge case in gpp_decrypt.py also renamed to gpp_password
- Added the gpp_autologin module
- Added a workaround for the current impacket smb server bug in
get_keystrokes
- fixed formatting in the SMB database navigator
- fixed an error where DC would have their dc attribute overwritten
- Other stuff that i don't remember
2017-04-06 22:34:30 -06:00
byt3bl33d3r
602b7e13f0
Re-added most of the SMB protocol functionality
...
- Added new module gpp_decrypt
- Cleaned up the SMB spider as much as possible
- --wmi now uses pywerview
- Re-added the http protocol
2017-04-05 09:07:00 -06:00
byt3bl33d3r
cae5ffb6ce
Various fixes
2017-04-03 09:25:05 -06:00
byt3bl33d3r
5dc7c4ae62
Fixed logic errors when adding users and groups to the database
...
- Added debug logging to core db functions
- Fixed logging output
- Updated modules to use the new API
2017-03-29 18:03:04 -06:00
byt3bl33d3r
751f209cd7
Initial 4.0 pre-release
2017-03-27 15:09:36 -06:00
byt3bl33d3r
8e6cc4e899
DB schema for the smb protocol is now final!
...
- added two more attributes to use in modules:opsec_safe and multiple_hosts
- renamed db function names
- Added the python_injector module and its necessary files as a reminder
2016-12-20 00:23:40 -07:00
byt3bl33d3r
9fefd167b0
Initial commit for v4.0
...
Just fyi for anyone reading this, it's not even close to being
finished.
The amount of changes are pretty insane, this commit is to serve as a
reference point for myself.
Highlights for v4.0:
- The whole codebase has been re-written from scratch
- Codebase has been cut around 2/4
- Protocols are now modular! In theory we could use CME for everything
- Module chaining has been removed for now, still trying to figure out a
more elegant solution
- Workspaces have been implemented in cmedb
- The smb protocol's database schema has been changed to support storing users,
groups and computers with their respective memberships and relations.
- I'm in the process of re-writing most of the modules, will re-add them
once i've finished
2016-12-15 00:28:00 -07:00