Commit Graph

38 Commits (ce8094045d051b86ff65047857671984bcb9e880)

Author SHA1 Message Date
mpgn 7323502421 Bump to 5.1.0dev 2020-06-25 21:25:31 -04:00
mpgn e5d1942251 Add kerberoasting and asreproast attack with LDAP protocol 2020-06-19 09:20:22 -04:00
mpgn e71b724cdf Bump to 5.0.2dev 2020-05-05 12:50:32 -04:00
pixis 4069cb7290 Add module - Set as owned in BloodHound 2020-05-05 09:59:30 +02:00
mpgn 13dca86a87 Add lsassy requirements 2020-05-01 17:19:39 -04:00
mpgn f58a10124d Update winrm method to allow code execution from normal user
Users who can winrm but are not local admin can now use this method to exec command
more at https://github.com/diyan/pywinrm/issues/275

we switch from pywinrm to pypsrp
2020-04-28 15:30:18 -04:00
byt3bl33d3r 3009af5ee0 Update shebang of setup.py (#347) 2020-04-20 20:09:24 -03:00
byt3bl33d3r 6c0228f403 Fixed dependency hell, added Github actions workflow
- Got rid of netaddr in favor of built in ipaddress module
- cme/cmedb binaries are now built with shiv
- Removed http protocol as it was basically useless and added another
  dependency
2020-04-20 13:19:55 -03:00
mpgn 9790c67620 Fix pylnk3 version from setup
fix warning with pylnk3 version
remove useless import and comment from lsassy module
2020-04-19 15:18:23 -04:00
mpgn a28b730d0d Switch pywinrm thirdparty to pip 2020-02-15 06:01:14 -05:00
mpgn 6ad97132af Fix pylnk error thx to @blshkv 2020-02-14 09:50:15 -05:00
mpgn 545b59054b Fix Pipfile python version and submodule version 2020-01-16 04:34:21 -05:00
byt3bl33d3r 333f1c4e06 Updated all submodules, replace pycrypto with pycryptodomex 2019-03-13 21:51:25 -06:00
Gabriel 2276c06755 adding shebang
shebang declaration allows simpler ./setup.py execution on command line which matches existing executable permissions on setup file, rather than requiring 'python setup.py' execution
2019-02-05 13:31:02 -06:00
byt3bl33d3r 4b35455997 Refactored Database Menu code
- Fixed some MSSQL DB interaction bugs
- Made MSSQL DB schema more consistent
- cmedb output now gets formatted using terminaltables (so perty)
- Made everything a bit more PEP8 compliant
2017-11-02 17:43:08 +08:00
byt3bl33d3r 1603ac4819 Added WINRM support, NMap XML and .Nessus parsing
- Added the WINRM protocol, CME now supports executing commands through WinRM (Powershell Remoting)
- Added support for NMap XML and .Nessus files if given as targets
- Fixed a bug in the MSSQL protocol which caused it to not retrieve host info
- Version Bump
2017-10-24 20:08:19 -06:00
byt3bl33d3r 0b936def23 Takes care of issue #190 and #191, initial SSH protocol implementation
- Passing --ntds will automatically use the drsuapi method (DCSync)
- Initial implementation of the SSH protocol and the mimipenguin module
  (This is very much still not finished, lots of stuff missing)

- Added check to make sure existing config file is in the 4.x format
- Added splinter and paramiko to dep requirements
- Updated Impacket to latest commit
- HTTP protocol now also returns server version in output
2017-07-09 23:44:58 -06:00
byt3bl33d3r c26d993db4 Added Slinky module, pylnk in requirements 2017-05-04 19:13:11 -06:00
byt3bl33d3r f0752f61b7 Re-wrote the HTTP protocol to use splinter and phantomjs
- All http connections are now concurrent
- Added a flag to take screenshots of webpages
- Minor Code cleanup
2017-04-30 12:54:35 -06:00
byt3bl33d3r d9fb2a506a Fixes #168 and #167 2017-04-26 17:04:15 -06:00
byt3bl33d3r f1e5a88c05 setup.py fix 2017-03-27 15:23:13 -06:00
byt3bl33d3r 751f209cd7 Initial 4.0 pre-release 2017-03-27 15:09:36 -06:00
byt3bl33d3r 9fefd167b0 Initial commit for v4.0
Just fyi for anyone reading this, it's not even close to being
finished.

The amount of changes are pretty insane, this commit is to serve as a
reference point for myself.

Highlights for v4.0:
- The whole codebase has been re-written from scratch
- Codebase has been cut around 2/4
- Protocols are now modular! In theory we could use CME for everything
- Module chaining has been removed for now, still trying to figure out a
more elegant solution
- Workspaces have been implemented in cmedb
- The smb protocol's database schema has been changed to support storing users,
groups and computers with their respective memberships and relations.
- I'm in the process of re-writing most of the modules, will re-add them
once I've finished
2016-12-15 00:28:00 -07:00
byt3bl33d3r 07872985d7 This commit addresses a number of issues including #130 and #126 2016-09-21 13:40:59 -06:00
byt3bl33d3r 2121503ffe Removed some debug code and dependency_link in setup.py 2016-09-12 01:10:08 -06:00
byt3bl33d3r db056d1ab4 Initial implementation of module chaining
Oook, this commit is basically just so I can start tracking (and
testing) all of the changes made so far:

- All execution methods are now completely fileless, all output and/or batch
  files get outputted/hosted locally on a SMB server that gets spun up on runtime

- Module structure has been modified for module chaining

- Module chaining implementation is currently very hacky, I definitely
  have to figure out something more elegant but for now it
  works. Module chaining is performed via the -MC flag and has its own
  mini syntax (will be adding it to the wiki)

- You can now specify credential ID ranges using the -id flag
- Added the eventvwr_bypass and rundll32_exec modules
- Renamed a lot of the modules for naming consistency

TODO:

- Launchers/Payloads need to be escaped before being generated when
  module chaining

- Add check for modules 'required_server' attribute
- Finish modifying the functions in the Connection object so they return
  the results
2016-09-12 00:52:50 -06:00
byt3bl33d3r 90f1f3ad54 Some extensive code refactoring
- The whole connector function has been removed finally (was there since
  v1.0)
- Functions now get called dynamically based on parsed arguments
- All of CME's functionality can now be accessed through the modules
  (W00t!), just have to finish modifying the code so the results will get
  returned
2016-08-12 00:36:38 -06:00
byt3bl33d3r 4e89098161 Version Bump 2016-08-08 19:08:30 -06:00
byt3bl33d3r 377f5a7706 Added a 'cme' script entry point in setup.py 2016-08-02 09:07:40 -06:00
byt3bl33d3r 9af1ab56cf Added the mimikittenz module
- Removed the mem_scraper module since the new mimikittenz module should
  replace its functionality

- Fixed newline in enum_chrome output
- Version Bump
2016-08-01 02:23:17 -06:00
byt3bl33d3r f189b50a5f Version bump to 3.1.2
Updated install instructions and setup.py since impacket 0.9.15 has been
released!
2016-06-28 16:28:49 -06:00
byt3bl33d3r 04da664df7 Updated setup.py 2016-06-25 11:09:48 -06:00
byt3bl33d3r b4559abaac Version bump 2016-06-08 21:51:25 -06:00
byt3bl33d3r 67c26ccf41 Changed version number for Pypi and updated Install instructions again 2016-06-04 03:13:23 -06:00
byt3bl33d3r d4e5633437 setup.py weirdness 2016-06-04 02:39:58 -06:00
byt3bl33d3r 5b8b255278 Forgot to change the package description 2016-06-04 01:48:00 -06:00
byt3bl33d3r 23d8a6517f Refactoring for packaging is now complete! 2016-06-04 01:13:38 -06:00
byt3bl33d3r 68a908562a Second round of refactoring for packaging 2016-06-03 23:42:26 -06:00