mpgn
3b5d719d24
Simplify check
2023-02-12 08:52:22 -05:00
zblurx
a4c53cab36
update firefox module
2023-02-10 15:57:10 +01:00
zblurx
a0832f2190
add firefox module
2023-02-10 15:16:10 +01:00
zblurx
194499533d
modify output
2023-02-09 15:34:25 +01:00
zblurx
5263a4647d
modify output
2023-02-09 15:33:14 +01:00
zblurx
aeb0c0ea5a
fix bugs
2023-02-08 12:16:07 +01:00
zblurx
0d39dff6e9
upgrade version of dploot
2023-02-08 09:53:40 +01:00
zblurx
9aa4675032
added try catch
2023-02-08 09:14:18 +01:00
zblurx
10e3b32b62
fix kerberos auth
2023-02-07 22:22:40 +01:00
zblurx
3086559501
auto export of domain backup key
2023-02-07 15:32:19 +01:00
zblurx
33093c2d49
fix dpapi harvesting
2023-02-07 14:51:01 +01:00
zblurx
f790d95613
pass it to core option
2023-02-07 12:06:42 +01:00
mpgn
8939405c6e
Forgot to add bloodhound file
2023-02-06 08:17:16 -05:00
mpgn
4335515d28
Rewrite all rdp module
2023-02-05 15:23:40 -05:00
mpgn
5696026ba0
Fix exec method with kerberos
2023-02-05 08:00:46 -05:00
mpgn
eaf421b714
Bump to 5.4.4
2023-02-05 07:37:12 -05:00
mpgn
4a443fe946
Add bloodhound core feature + fix color on ldap proto
2023-02-05 05:43:12 -05:00
mpgn
0c02ed4c0b
Add GMSA print id
2023-02-05 04:44:07 -05:00
mpgn
1ddddd5f47
Add samruser function with kerberos
2023-02-02 14:43:04 -05:00
mpgn
bdab59472b
Add ccache support for RDP auth
2023-02-01 06:04:13 -05:00
mpgn
7fef784481
Add VNC scan + screenshot
2023-01-31 15:20:47 -05:00
zblurx
66cd0799ab
add comments and limit cert dump to clientauth cert
2023-01-23 10:12:28 +01:00
zblurx
a25dad9705
Merge branch 'Porchetta-Industries:master' into master
2023-01-06 10:39:52 +01:00
mpgn
f0645371f0
Use default proto_flow func for rdp
2023-01-04 12:26:37 -05:00
mpgn
83f8ffd006
Handle stacktrace with binary launch with wrong python version
2023-01-04 11:48:52 -05:00
mpgn
2c6b982f7f
Remove openssl requirement
2023-01-02 06:55:03 -05:00
mpgn
d00a9bafeb
Fix RDP login
Fix RDP login, major breaking change so it is also committed on the public repo
2023-01-02 12:43:27 +01:00
mpgn
16705ec0ea
Bump to 5.4.3
2023-01-02 06:37:57 -05:00
mpgn
82f28df288
Fix rdp auth & add kerberos auth (plain/nthash) -k
2023-01-02 06:37:37 -05:00
mpgn
a2225dc11c
Bump to 5.4.2 for porchetta
2022-12-14 16:00:36 -05:00
mpgn
af8cfa8011
Add new gmsa function <3
2022-12-14 15:45:51 -05:00
mpgn
31b18614e1
replace simple quote by double quote for export
2022-12-14 09:55:17 -05:00
mpgn
86823c90be
Add try catch
2022-12-12 14:39:29 -05:00
mpgn
1051ec2e69
Fix smb nthash not display with kerberos
2022-12-12 14:39:29 -05:00
Shariq Malik
b14fe7f94f
Fixed bh_owned error on non-existing values
If a computer on the network has been compromised but is not listed in the Neo4j database, CME won't crash any more.
2022-12-12 14:39:29 -05:00
Julio Ureña
4bab776011
Fix --enabled option to dump only enabled accounts
This change allows the option to work as expected and also includes an option to grep a list of users.
2022-12-12 14:39:29 -05:00
Julio Ureña
c2993a5888
Modify remove_credentials to allow "creds remove"
`creds remove CredID` was not working because the method was commented on. I also changed the table name from credentials to users.
2022-12-12 14:39:29 -05:00
Julio Ureña
c04b2ba465
Fix cmedb displayed credentials for mssql
The columns were not in the correct order, which caused them to be displayed incorrectly. This change properly orders the way CMEDB displays credentials in the mssql protocol.
2022-12-12 14:39:29 -05:00
Julio Ureña
7f65c0eccb
mssql - Retrieve username when using Kerberos Auth
This change allows the program to return the name of the user being authenticated when using Kerberos with the protocol mssql.
2022-12-12 14:39:29 -05:00
Julio Ureña
59b953c3f7
Add - Retrieve username when using Kerberos Auth
This change allows the program to return the name of the user being authenticated when using Kerberos.
2022-12-12 14:39:29 -05:00
Julio Ureña
42a3d9375b
Add - Retrieve username when using Kerberos Auth
This change allows the program to return the name of the user being authenticated when using Kerberos.
2022-12-12 14:39:29 -05:00
mpgn
31542973d7
Fix smb nthash not display with kerberos
2022-11-29 17:05:15 -05:00
mpgn
a4c89ef561
Bump to 5.4.1
2022-11-29 16:46:26 -05:00
mpgn
99cea583e9
Add kerberos compatibility for laps option
2022-11-29 16:46:25 -05:00
zblurx
6f7c99bb50
Merge branch 'Porchetta-Industries:master' into master
2022-11-25 17:25:16 +01:00
Shariq Malik
a3046f657b
Fixed bh_owned error on non-existing values
If a computer on the network has been compromised but is not listed in the Neo4j database, CME won't crash any more.
2022-11-25 16:58:52 +05:00
Julio Ureña
7c684bcffb
Fix --enabled option to dump only enabled accounts
This change allows the option to work as expected and also includes an option to grep a list of users.
2022-11-22 14:28:57 -04:00
zblurx
561fb6da57
Merge branch 'Porchetta-Industries:master' into master
2022-11-18 18:39:01 +01:00
Julio Ureña
81b53b9652
Modify remove_credentials to allow "creds remove"
`creds remove CredID` was not working because the method was commented on. I also changed the table name from credentials to users.
2022-11-17 11:18:13 -04:00
zblurx
3df3978cb0
Merge branch 'Porchetta-Industries:master' into master
2022-11-17 16:16:47 +01:00
zblurx
75d01e5cb6
init dpapi module
2022-11-17 16:16:10 +01:00
Julio Ureña
2c4be7b9e4
Fix cmedb displayed credentials for mssql
The columns were not in the correct order, which caused them to be displayed incorrectly. This change properly orders the way CMEDB displays credentials in the mssql protocol.
2022-11-17 09:27:01 -04:00
Julio Ureña
4a12e437fa
mssql - Retrieve username when using Kerberos Auth
This change allows the program to return the name of the user being authenticated when using Kerberos with the protocol mssql.
2022-11-16 16:39:44 -04:00
Julio Ureña
bd5a3fe91d
Add - Retrieve username when using Kerberos Auth
This change allows the program to return the name of the user being authenticated when using Kerberos.
2022-11-16 16:15:30 -04:00
Julio Ureña
baceb06afd
Add - Retrieve username when using Kerberos Auth
This change allows the program to return the name of the user being authenticated when using Kerberos.
2022-11-16 16:06:43 -04:00
mpgn
db79f5a487
Bump to 5.4.1
2022-11-10 16:08:17 -05:00
mpgn
9d6c3fe67e
Add kerberos compatibility for laps option
2022-11-10 16:07:41 -05:00
mpgn
25978c0be0
Update smb.py
2022-11-10 22:06:35 +01:00
mpgn
193ce4128e
SMB kerberos better you can put ip without fqdn
2022-11-10 04:17:09 -05:00
mpgn
a88a6e8552
Add catch for kerberos use-kcache option with error message
2022-11-09 16:59:53 -05:00
mpgn
667faa0d7b
Add catch for kerberos use-kcache option
2022-11-09 16:56:57 -05:00
Julio Ureña
a5c30851c0
Fix output always returning false
Based on Neo4j documentation https://neo4j.com/docs/api/python-driver/current/api.html#neo4j.Result I added some modifications to the result variable.
The way it was coded, `result.value()` always returned 0.
2022-11-09 15:39:43 -04:00
Julio Ureña
ba690f93fd
Added the option to select architecture (64 or 32)
The module only allowed 32 bits. With this change it is possible to select 32 bits or 64 bits architecture.
2022-11-09 07:07:29 -04:00
Julio Ureña
ccfd9565e0
Fix #671 - handlekatz modules fail
handlekatz modules fail if directory /tmp/shared does not exist. I changed the directory from /tmp/shared to /tmp and the option description.
2022-11-08 11:14:00 -04:00
Julio Ureña
61757a2cd2
Fix #671 - procdump modules fail
procdump modules fail if directory /tmp/shared does not exist. I changed the directory from /tmp/shared to /tmp and the option description.
2022-11-08 11:13:05 -04:00
shoxxdj
0990b4fa8b
bugfix: can't export csv
2022-11-08 15:15:54 +01:00
mpgn
e4f6343646
Bump to 5.4.0
2022-11-08 05:08:23 -05:00
mpgn
be6b0edd42
Merge pull request #662 from Porchetta-Industries/rdp
Bump aardwolf to version 0.2.0
2022-11-08 09:31:58 +01:00
mpgn
8fedcc48b7
Update rdp.py
2022-11-08 09:25:59 +01:00
mpgn
4562cea72a
Merge pull request #669 from juliourena/master
Fix #668 - Remove @requires_admin flag for WMI queries
2022-11-07 21:07:29 +01:00
mpgn
60e3dda195
Merge pull request #601 from Dfte/master
Add the Impersonate module
2022-11-07 12:26:37 +01:00
Julio Ureña
47a92590a6
Remove @requires_admin flag for WMI queries
Although not common, it is possible for a user to be assigned WMI privileges. Removing @requires_admin in case we do not have privileges to make queries to WMI we will receive an access denied error, which makes it clearer what is happening.
2022-11-04 07:45:47 -04:00
mpgn
b2bcbe0ade
Fix issue #667 with use-kcache option
2022-11-03 16:04:46 -04:00
mpgn
83180a6b68
ldap better error message
2022-11-03 15:56:38 -04:00
mpgn
49d68e0269
fix error with connection outside dc
2022-11-03 15:29:56 -04:00
mpgn
37f2555ab7
Merge branch 'screenrdp' into rdp
2022-11-02 15:39:17 -04:00
mpgn
33a3c61242
update rdp proto
2022-11-02 15:39:14 -04:00
lap1nou
4fabd0843a
Added an NLA disabled screenshot function
2022-11-02 18:47:32 +01:00
mpgn
12ec7f2278
update impersonate binary
2022-11-02 07:23:07 -04:00
mpgn
6a31c588a2
update ldap proto and add func get domain sid
2022-11-01 18:20:14 -04:00
Julio Ureña
3eb80ae534
Modify logging output when putting files
Added \\ to match the correct display of the file and path.
2022-11-01 08:10:55 -04:00
Julio Ureña
cc72c6c868
Remove @requires_admin from get_file and put_file
The @requires_admin flag prevents non-admin users who have Read and Write access to a shared folder from performing any operations.
2022-11-01 07:29:56 -04:00
mpgn
a36d3145e1
Merge pull request #655 from zblurx/master
Fix kerberos authentication and add kerbrute
2022-10-31 13:34:03 +01:00
mpgn
3942eab31b
update a little bit
2022-10-31 08:33:41 -04:00
Defte
5d4f3b5606
Update impersonate.py
I'll add technical links to the blog post explaining token manipulation internals as well as the source code of the original binary when the blog post is released (should be on Monday)
2022-10-29 11:55:34 +02:00
Defte
1bfb3a860b
Adding the IMP_EXE option
Guess this will be the final one :P
2022-10-29 11:52:48 +02:00
mpgn
9c66f29474
Merge branch 'master' into rdp
2022-10-28 15:22:28 +02:00
mpgn
dc6b023456
update RDP protocol
2022-10-27 16:43:52 -04:00
mpgn
fedbfaf1f5
Change default order of exec method for smb
2022-10-27 15:40:34 -04:00
mpgn
aa8bf6aa46
Refactor options
2022-10-27 15:32:55 -04:00
Defte
2dcd33ee17
Update impersonate.py
Adding double quotes for spaced cmd
2022-10-27 18:57:00 +02:00
Defte
ed80922b0e
Final update!
2022-10-27 12:21:46 +02:00
mpgn
abc288234b
Fix ldap with null binding thx @juliourena
2022-10-26 08:58:51 -04:00
mpgn
65724d4553
Merge pull request #653 from Z4kSec/master
Add Masky module
2022-10-25 13:03:29 +02:00
mpgn
87108d4878
Merge pull request #658 from Porchetta-Industries/mssql-uaht
Fix regression for mssql with local_auth thx @juliourena
2022-10-24 21:26:55 +02:00
mpgn
a3b3ab9e92
Fix regression for mssql with local_auth thx @juliourena
2022-10-24 15:20:14 -04:00
mpgn
e2130c658c
Bump aardwolf to 0.2.0
2022-10-24 15:02:42 -04:00
mpgn
132332a8fd
add new color for asreproast account smb
2022-10-24 10:02:01 -04:00
mpgn
d61d6f0339
add new color for asreproast account
2022-10-24 09:59:43 -04:00
mpgn
b62bd670e0
Don't block if account not green
2022-10-24 09:11:45 -04:00