Commit Graph

202 Commits (b7960003432a024a12616dfb6131e59ccc230be9)

Author SHA1 Message Date
mpgn b796000343 Fix issue #321 option --continue-on-success 2020-05-09 09:36:31 -04:00
mpgn 3e1fa0f258 Fix local-auth authentication 2020-05-09 08:20:53 -04:00
mpgn d3a7effb86 Fix ssh issue #375 2020-05-09 07:59:53 -04:00
mpgn 9ae444aab9 Merge branch 'master' into v5-dev 2020-05-05 18:51:41 +02:00
mpgn e71b724cdf Bump to 5.0.2dev 2020-05-05 12:50:32 -04:00
mpgn b778306cc1 Always print FQDN 2020-05-05 12:13:32 -04:00
mpgn 3b57fb0869 Add checkifadmin() for Kerberos auth #22 2020-05-05 12:11:18 -04:00
pixis 4069cb7290 Add module - Set as owned in BloodHound 2020-05-05 09:59:30 +02:00
mpgn 1820cc1ffb Show FQDN instead of domain name 2020-05-04 15:30:56 -04:00
Pixis c75d7abebf Update fix about no credentials 2020-05-04 19:32:58 +02:00
mpgn 622245dcfa Add support kerberos aesKey and kdcHost #22 add lsassy module kerberos support
add error when not credential found on lsassy module #368
2020-05-04 13:23:41 -04:00
mpgn 52528a44bb Merge branch 'v5-dev' of https://github.com/byt3bl33d3r/CrackMapExec 2020-05-03 14:32:17 -04:00
mpgn 1308bc30c8 Adding Kerberos support for CME #22
TODO
- aeskey
- dc-ip
- checkifadmin()
2020-05-03 14:30:41 -04:00
mpgn 72338026ff Merge pull request #367 from byt3bl33d3r/v5-metasploit
Add Module metasploit
2020-05-03 18:01:20 +02:00
mpgn 47fe1e4772 Remove submodule and simplify metasploit module #357 2020-05-03 06:19:26 -04:00
mpgn c3c9b2f04a Remove useless code #364 2020-05-01 17:31:54 -04:00
mpgn 580018050c Add better logic to MSSQL connection #364 2020-05-01 17:18:25 -04:00
mpgn c5be1e5234 Add exception handler when login fails on MSSQL protocol #364 2020-05-01 17:11:54 -04:00
mpgn ef934a7925 Rename options for module metasploit #357 2020-05-01 16:53:02 -04:00
mpgn bfe1d5b7c3 Fix uninitialized variable #363 2020-05-01 14:33:18 -04:00
mpgn 062e312fd5 Add try catch for issue #363 2020-05-01 14:20:55 -04:00
mpgn fd912c0b7d Fix thread stop assert error #357 2020-05-01 14:02:12 -04:00
mpgn 73fb336040 Update module metasploit #357
As the old code with the shellcode was broken, we switch to a simple powershell solution with Invoke-MetasploitPayload.ps1
2020-05-01 13:12:01 -04:00
mpgn 4dc4892660 Check if output is byte before decoding 2020-04-30 13:56:34 -04:00
mpgn 74792ce712 Add option --no-bruteforce allowing credentials spraying without bruteforce
cme accepts user file and password file and works like this:
user1 -> pass1
      -> pass2
user2 -> pass1
      -> pass2

Option --no-bruteforce works like this
user1 -> pass1
user2 -> pass2
2020-04-30 10:06:57 -04:00
mpgn 7b0f2e9bdb Add multi domain support DOMAIN\user when passing file to -u option #243 2020-04-29 12:32:21 -04:00
mpgn 2ca377f3d8 Simplify command for wireless password #305 2020-04-29 11:09:44 -04:00
mpgn b6a6e6a9bf Add wireless module #305 2020-04-29 11:03:52 -04:00
mpgn 78c5d9ebd9 Update WINRM authentication option
If you want to avoid SMB connection use the flag -d DOMAIN
2020-04-29 06:28:47 -04:00
mpgn 479ae1f721 Update MSSQL protocol for windows authentication #306
If you want to use windows auth for MSSQL without SMB, add the flag -d DOMAIN
2020-04-29 05:56:11 -04:00
mpgn f58a10124d Update winrm method to allow code execution from normal user
Users who can winrm but are not local admin can now use this method to exec command
more at https://github.com/diyan/pywinrm/issues/275

we switch from pywinrm to pypsrp
2020-04-28 15:30:18 -04:00
mpgn a20d28a885 Update RID-Hijacking to latest version #353 2020-04-28 13:22:42 -04:00
mpgn e9a5841731 Fix typo on put-file function 2020-04-28 12:28:25 -04:00
mpgn f84035fa7a Add function get-file and put-file 2020-04-28 12:22:30 -04:00
mpgn 1bbe1ac0cc Clean output of mssql protocol 2020-04-28 09:39:33 -04:00
mpgn af68773b6c Fix #352 target using file 2020-04-28 08:42:25 -04:00
mpgn 356b020cb3 Fix winrm warning from pywinrm 2020-04-28 07:24:01 -04:00
mpgn 63cf5af003 Fix smbexec function #269 2020-04-28 06:19:33 -04:00
mpgn 18c438993c Fix ssh connection #351 2020-04-28 06:11:16 -04:00
mpgn ba04528738 Add feature: file as argument for -x and -X command #269 2020-04-27 16:38:30 -04:00
mpgn f19f137b0d Fix smbexec.py decode error 2020-04-22 11:04:22 -04:00
mpgn 84222eb001 Fix bytes error on gpp_autologin and gpp_password modules 2020-04-22 10:33:03 -04:00
mpgn a13ec6c3d6 Fix gpp_password encoding error with python3 #350 2020-04-22 06:43:17 -04:00
mpgn 1e8cd73a26 Switch Invoke-VNC project to python3 branch #317 2020-04-21 09:12:43 -04:00
byt3bl33d3r 6c0228f403 Fixed dependency hell, added Github actions workflow
- Got rid of netaddr in favor of built in ipaddress module
- cme/cmedb binaries are now built with shiv
- Removed http protocol as it was basically useless and added another
  dependency
2020-04-20 13:19:55 -03:00
mpgn e294a72924 Fix mimikatz module decode error #308 2020-04-20 06:24:56 -04:00
sw ed8c91ab60 changed comparison operators that generate syntax warnings 2020-04-20 03:22:03 +03:00
mpgn 9790c67620 Fix pylnk3 version from setup
fix warning with pylnk3 version
remove useless import and comment from lsassy module
2020-04-19 15:18:23 -04:00
pixis 47c83d90dc Add lsassy module 2020-04-19 20:30:35 +02:00
mpgn e2e976847b Update module rid_hijack to python3 2020-04-19 14:09:32 -04:00