Commit Graph

303 Commits (2942be1188707375e7f757c26885a0b77675549c)

Author SHA1 Message Date
mpgn 2942be1188 Add timeout to smb connection to 2 sec by default, much much better 2021-09-21 11:21:16 -04:00
mpgn 86564d868e add procdump module 2021-09-21 13:36:08 +02:00
mpgn 2f0fc12cde Bump CME to version 5.2.0 2021-09-19 10:23:26 -04:00
mpgn 86ad83f74b Merge branch 'master' of https://github.com/mpgn/cme 2021-09-18 17:04:46 -04:00
mpgn fdf6cd31db
Merge pull request #2 from mpgn/dev3
Push dev branch to master
2021-09-18 23:04:16 +02:00
mpgn fdab5c545f Update ldap protocol message 2021-09-18 17:02:01 -04:00
mpgn 3b2a7fc414 Merge branch 'master' of https://github.com/byt3bl33d3r/CrackMapExec 2021-09-18 16:54:08 -04:00
mpgn 8b60dea32c Merge branch 'master' 2021-09-18 16:52:02 -04:00
mpgn 53a51a02f2 Fix #464 thanks Wil 2021-09-18 22:44:48 +02:00
mpgn 7686dd7fab Fix #470 IPv6 local-address thanks to @bert128 2021-09-18 22:44:48 +02:00
mpgn a31d03a99a Fix #486 with ntds dump thx @b13bs 2021-09-18 22:44:48 +02:00
mpgn 46a00c3fef
Merge pull request #409 from RagingCactus/file-handling-concurrency-fixes
Fix file reading concurrency issues
2021-09-17 20:33:33 +02:00
TNeitzel 8dc89c01a1 Fix typos
Fixed some typos
2021-09-16 07:41:55 +02:00
TNeitzel 1ca1718e14 Add webdav module
Add the webdav module that allows enumerating whether a target has the
WebClient service running.
2021-09-16 07:31:31 +02:00
mpgn 195d18f8ad Merge private repo for winrm port option 2021-08-01 18:13:24 -04:00
mpgn 8651479692
Add spooler service module
Add spooler service module to detect if the service is enabled or not using RPC call from https://raw.githubusercontent.com/SecureAuthCorp/impacket/master/examples/rpcdump.py
2021-07-05 21:11:35 +02:00
mpgn b9986a12ac
Add spooler service module
Add spooler service module to detect if the service is enabled or not using RPC call from https://raw.githubusercontent.com/SecureAuthCorp/impacket/master/examples/rpcdump.py
2021-07-05 21:02:15 +02:00
mpgn d5a005898e Improve LDAP protocol
- improve authentication status error
- check if user is on a juicy group
2021-07-02 04:50:41 -04:00
mpgn c3516fe9d5 Merge branch 'master' of https://github.com/Porchetta-Industries/CrackMapExec 2021-06-28 13:25:31 -04:00
mpgn 091915b990 Fix and add a lot, check commit message
Update LDAP proto:
	- can fetch a LDAP domain from an account from another domain (trust relation between forest)
	- fix sizeLimit to unlimited on LDAP queries
	- fix little mistake in LDAP modules

Update SMB proto:
	- fix users function when DC is vulnerable to NULL SESSION
	- add SAMRPC function to fetch users on the domain
	- add option --computers to fetch all computers

Update CLI
	- add function export, but it's not tested
2021-06-24 14:38:24 -04:00
mpgn 4385abaa24 Bump to version 5.1.7 Kali ready 2021-05-30 16:51:52 -04:00
mpgn 9104e18f7e Add port option to WinRM protocol #469 2021-05-30 16:49:12 -04:00
mpgn 215c479957 Fix spelling mistake 2021-05-30 16:28:37 -04:00
mpgn 8b05967bad Merge branch 'master' into master 2021-05-30 22:17:08 +02:00
mpgn de5837b48c
Merge pull request #458 from sokaRepo/modules-mssql from @sokaRepo
Add privilege escalation MSSQL module
2021-05-30 22:09:44 +02:00
mpgn 3b5c912e68
Merge pull request #450 from nodauf/patch-1 @nodauf
Add option --password-not-required
2021-05-30 21:19:35 +02:00
soka f6130ee2bb Add rollback action and fix IMPERSONATE filter 2021-05-30 18:28:14 +02:00
Podalirius 708e8e65ab
Added MachineAccountQuota LDAP module
Retrieves the MachineAccountQuota domain-level attribute
2021-05-28 10:07:50 +02:00
mpgn 2983113312 Add watermark public version 2021-05-27 15:19:54 -04:00
mpgn 3ade69abed
Fix missing try catch on --shares option
Thx to @0xdf report!
2021-04-02 19:25:06 +02:00
soka 2aaba52578 Add privilege escalation MSSQL module 2021-03-26 12:45:13 +01:00
mpgn 743d7e86f7 Bump to version 5.1.6 2021-03-08 14:44:58 -05:00
mpgn 872cbb3d5f Update lsassy to version 2.1.4 to use latest version of pypykatz 2021-03-08 13:10:23 -05:00
mpgn d2f0b66ae4 Add option --amsi-bypass allowing you to pass a custom amsi bypass when using option -X 2021-02-28 09:48:50 -05:00
mpgn 761637f247 Bye Bye thirdparty folder 👋 #361 2021-02-28 09:00:12 -05:00
mpgn 23a4e55ba8 Add LAPS module thx to @T3KX 2021-01-29 18:57:12 -05:00
mpgn 627966e227 Small code Refactoring for ldap protocol 2021-01-29 18:25:39 -05:00
mpgn b3b6ed3b05 Fix smb and http server shutdown function 2021-01-29 18:15:03 -05:00
mpgn ba91408c74 Fix smb error not correctly caught 2021-01-29 11:30:05 -05:00
mpgn 89035e06a5 Add IPv6 support #339 thanks to @bert128 2021-01-29 06:16:55 -05:00
mpgn b2a53dc896 Better null session handle 2021-01-29 05:53:40 -05:00
mpgn d53343369b Fix function name sessions option 2021-01-27 05:49:23 -05:00
nodauf 0487e55234
Add option --password-not-required
Add option --password-not-required to retrieve the user with the flag PASSWD_NOTREQD. With this flag the user is not subject to a possibly existing policy regarding the length of password. So he can have a shorter password than is required, or he may even have no password at all, even if empty passwords are not allowed.
2021-01-23 12:21:33 +01:00
mpgn 4597216d9e Bump to version 5.1.5 2021-01-21 12:57:17 -05:00
mpgn 567ed8d8c3 Add option --users and --groups to LDAP protocol 2021-01-21 09:45:55 -05:00
mpgn 2250e5ab36 Fix grammar 2021-01-21 05:29:17 -05:00
mpgn 95aad485fb Fix issue #412 2021-01-21 05:28:56 -05:00
mpgn 719f18ac78 Fix cmedb encoding error #439 2021-01-21 05:08:06 -05:00
mpgn 908d074815 Catch exception if domain controller not found --kdcHost 2021-01-21 03:54:26 -05:00
mpgn af2dc05b7e Add --continue-on-success option to ldap protocol 2021-01-21 03:47:45 -05:00