byt3bl33d3r
6eabf0224c
Updated README
2016-03-27 15:45:41 -06:00
byt3bl33d3r
10a12a9a0f
Initial v3.0 commit to master
...
Quick re-cap on the new features:
* Credentials and hosts are now stored in a database, the cme_db.py script can be used to query it
* Module system has been implemented allowing anyone to create payloads
* All underlying powershell code has been ported to a module
* The HTTP/HTTPS server now tracks connections: no more guessing when to CTRL-C
* All around better code quality, error handling and logging
2016-03-27 15:17:18 -06:00
byt3bl33d3r
792a631fe2
Updated the usage in README
2016-03-12 19:20:40 -07:00
byt3bl33d3r
4c3ca3a0f6
Added the --tokens options to enumerate available tokens (issue #86 )
...
Re-added Empire's function to strip powershell comments
Changed the PowerView PS script to the actual supported one
2016-03-12 18:24:08 -07:00
byt3bl33d3r
5814121e6d
Actually pushing the new cert would be nice
2016-03-11 22:08:13 -07:00
byt3bl33d3r
f4141c9041
Regererated SSL cert, fixed a typo variable
2016-03-11 22:02:25 -07:00
byt3bl33d3r
3ec981f3fa
Re-added the --timeout option
2016-03-11 20:09:52 -07:00
byt3bl33d3r
ade4c12ad4
Revert "Stole Empires powershell architecture detection code, arch is now detected and handled automatically"
...
This reverts commit cd103f5cb6
.
This is being reverted due to a bug in wmiexec when executing long
command strings. Falling back to the old method for now until/if fixed.
2016-03-11 20:01:42 -07:00
byt3bl33d3r
bdcebd0045
Changed the default server to HTTPS (cause why not)
2016-03-07 22:32:35 -07:00
byt3bl33d3r
cd103f5cb6
Stole Empires powershell architecture detection code, arch is now detected and handled automatically
...
Removed the --ps-arch option as its now useless
Added a --timeout switch to specify a max timeout for each thread
Regenerated default key and cert for the https server
2016-03-07 20:13:51 -07:00
byt3bl33d3r
2427ccaa9b
Updated README
2016-01-27 00:29:35 -07:00
byt3bl33d3r
7b255b3c9a
- More code cleanup in the smart_login function, added pwdump support
...
when using the combo file (-C) flag (resolves #80 )
2016-01-26 23:50:33 -07:00
byt3bl33d3r
c50ffb0f65
- Re-Factored MSSQL support for better integration when executing
...
commands and attacks (e.g. mimikatz, injection)
- By default, the --mssql flag will enumerate db instances and will
allow you to execute commands through xp_cmdshell
- Made some logic changes on how/when connections are initiated
2016-01-26 21:23:03 -07:00
byt3bl33d3r
3c5cf012fd
- Password. Username and Hash flags now accept one file or
...
user/pass/has per
argument
- smart_login function partial code cleanup
2016-01-19 01:56:42 -07:00
byt3bl33d3r
b1646c3f76
- Made output *FABULOUS* by aligning the logger output
...
- Moar unicode fixes (srsly fuck unicode)
2016-01-18 20:40:50 -07:00
byt3bl33d3r
224befe25d
Fixed bug that would cause a traceback in rpcquery.py when PTH
2016-01-17 22:43:57 -07:00
byt3bl33d3r
5c31910571
Fixed .join() error in smart_login.py when PTH
2016-01-17 22:42:53 -07:00
byt3bl33d3r
7075c095cc
Fixed wmiquery error when passing-the-hash
2016-01-17 12:28:52 -07:00
byt3bl33d3r
d383c3df8f
Updated requirements.txt
2016-01-17 00:51:25 -07:00
byt3bl33d3r
65187a7190
Updated Readme
2016-01-17 00:22:22 -07:00
byt3bl33d3r
3aaa378a23
- HTTP/S server now uses the new logging system
2016-01-17 00:09:45 -07:00
byt3bl33d3r
256f2cd12d
- Powershell process architecture is now auto selected based on payload
...
- Added flag to force Powershell process architecture
2016-01-16 23:00:50 -07:00
byt3bl33d3r
d1508d2923
Merge branch 'mssql_and_logging' of github.com:byt3bl33d3r/CrackMapExec into mssql_and_logging
2016-01-16 22:40:45 -07:00
byt3bl33d3r
5a1adba648
- Logging has been overhauled for readability and parsing ( resolves #47 )
...
- Added flag to test creds against MSSQL DBs (resolves #66 )
- Added flags to enable/disable xp_cmdshell on MSSQL DBs
- Added flag to execute commands through xp_cmdshell on MSSQL DBs
- Added flag to enumerate MSSQL DB instances
- Targets are now accepted with arguments instead of a comma
seperated list (resolves #71 )
2016-01-16 22:39:56 -07:00
byt3bl33d3r
58b6d0636d
- Logging has been overhauled for readability and parsing ( resolves #47 )
...
- Added flag to test creds against MSSQL DBs (resolves #66 )
- Added flags to enable/disable xp_cmdshell on MSSQL DBs
- Added flag to execute commands through xp_cmdshell on MSSQL DBs
-
- Targets are now accepted with arguments instead of a comma
seperated list (resolves #71 )
2016-01-16 22:33:11 -07:00
byt3bl33d3r
7aa67e388c
Resolves #70
2016-01-13 19:21:04 -07:00
byt3bl33d3r
86ca7e4640
Updated target paramater description
2016-01-06 23:28:31 -07:00
byt3bl33d3r
f85a50cfe4
Merge pull request #62 from maaaaz/master
...
Service Interaction name parameter & encoding errors fix
2016-01-06 22:47:17 -07:00
byt3bl33d3r
15c5b83bc2
added ability to accept FQDNS and hostnames as targets ( resolves #13 )
2016-01-06 22:07:19 -07:00
byt3bl33d3r
a1e113520a
Adding a user-agent to the HTTP/S request when downloading the Meterpreter staged shellcode would cause a rpc_access_denied error
...
when executing the PS code with WMI.
Have to investigate why, for now removed the offending code and everything seems to be working perfectly.
2015-12-25 12:54:02 -07:00
maaaaz
1a40805ae4
service interaction fix
2015-12-20 12:24:17 -05:00
maaaaz
d2c103bf56
encoding errors fix
2015-12-20 12:10:40 -05:00
byt3bl33d3r
3d0203a780
Version bump and README update
2015-12-20 00:19:23 -07:00
byt3bl33d3r
553ec9910e
Updated the Powershell payloads to support Powersploits 3.0 update
2015-12-20 00:11:08 -07:00
byt3bl33d3r
c328c397f8
Forgot regex string for Invoke-NinjaCopy
2015-12-19 22:01:04 -07:00
byt3bl33d3r
5515464c02
Updated PowerSploit scripts to latest version
2015-12-19 21:57:28 -07:00
byt3bl33d3r
9f130886ee
updated README
2015-12-13 15:51:00 -07:00
byt3bl33d3r
45e37570a3
Updated powerview.ps1 to latest commit
2015-12-13 14:27:18 -07:00
byt3bl33d3r
e965cd8374
Should resolve #51
2015-12-13 13:47:51 -07:00
byt3bl33d3r
f5c8684876
Fixed output for --gpp-passwords option in http/s server
2015-12-11 00:29:47 -07:00
byt3bl33d3r
3574bbe832
Added --gpp-passwords option to retrieve GPP passwords
2015-12-11 00:24:43 -07:00
byt3bl33d3r
4e1414fa04
Removed some useless imports
2015-11-29 12:21:42 -07:00
byt3bl33d3r
9e50051651
Merge branch 'maaaaz-master'
2015-11-29 12:21:19 -07:00
byt3bl33d3r
9916c03a05
Removed code to check for log directory
2015-11-29 12:21:06 -07:00
maaaaz
7401c13563
post v2.1 changes
2015-11-29 12:07:30 -05:00
byt3bl33d3r
3016461f41
Updated usage in README
2015-11-20 20:24:04 -07:00
byt3bl33d3r
a2c2c17489
Added src param for --download ( resolves #32 )
2015-11-20 20:20:42 -07:00
byt3bl33d3r
474ded4ea2
Fixed port variable when invoking PowerView
2015-11-20 19:47:40 -07:00
byt3bl33d3r
f0fe1a25a7
Added option to set the HTTP/HTTPS server port ( resolves #33 )
2015-11-20 19:33:55 -07:00
byt3bl33d3r
0d1e580edd
Added previous commit changes to passpoldump.py
2015-11-20 18:54:34 -07:00