Update LDAP proto:
- can fetch a LDAP domain from an account from another domain (trust relation between forest)
- fix sizeLimit to unlimited on LDAP queries
- fix little mistake in LDAP modules
Update SMB proto:
- fix users function when DC is vulnerable to NULL SESSION
- add SAMRPC function to fetch users on the domain
- add option --computers to fetch all computers
Update CLI
- add function export, but it's not tested
- Replaced Gevent with AsyncIO
- Shares are now logged in the database and can be queried
- You can now press enter while a scan is being performed and CME will
give you a completion percentage and the number of hosts remaining to
scan
* --shares -> OK
* --sessions -> OK
* --disks -> OK
* --loggedon-users -> OK
* --users -> Not tested
* --rid-brute -> OK
* --groups -> Not tested
* --local-groups -> OK
* --pass-pol -> OK
- Fixed some MSSQL DB interaction bugs
- Made MSSQL DB schema more consistent
- cmedb output now gets formatted using terminaltables (so perty)
- Made everything a bit more PEP8 compliant
- Modules now do not print output of commands called from their protocol
- Added the enum_avproducts module
- Fixed the mimikatz_enum_vault_creds to not display creds with invalid
passwords
- Added an export command to the SMB protocols DB navigator (as
suggested by @hatredshapedlikeaman)
- Misc output fixes
- Fixed an edge case in gpp_decrypt.py also renamed to gpp_password
- Added the gpp_autologin module
- Added a workaround for the current impacket smb server bug in
get_keystrokes
- fixed formatting in the SMB database navigator
- fixed an error where DC would have there dc attribute overwritten
- Other stuff that i don't remember
- added two more attributes to use in modules:opsec_safe and multiple_hosts
- renamed db function names
- Added the python_injector module and it's necessary files as a reminder
Just fyi for anyone reading this, it's not even close to being
finished.
The amount of changes are pretty insane, this commit is to serve as a
refrence point for myself.
Highlights for v4.0:
- The whole codebase has been re-written from scratch
- Codebase has been cut around 2/4
- Protocols are now modular! In theory we could use CME for everything
- Module chaining has been removed for now, still trying to figure out a
more elegant solution
- Workspaces have implemented in cmedb
- The smb protocol's database schema has been changed to support storing users,
groups and computers with their respective memberships and relations.
- I'm in the process of re-writing most of the modules, will re-add them
once i've finished
Wlayzz
mpgn
Sam Frees1de
Serizao
byt3bl33d3r
Augustin Laville
root
Frank Spierings
byt3bl33d3r
Louis Dion-Marcil
byt3bl33d3r
byt3bl33d3r