Commit Graph

860 Commits (f68551a43f5cb733f7393829ff5daf3d5fb0c2da)

Author SHA1 Message Date
mpgn 56f1f9dd93 Login return False only if NT_STATUS_LOGON_FAILURE 2020-06-21 15:21:07 -04:00
mpgn d13042f637 Fix missing user.seek when using file as username with several hosts
this commit maybe break something but it solve this `cme smb file -u file -p file`
2020-06-20 18:43:34 -04:00
mpgn 280d497b0d Add conditional check on the func login()
- modules, options will no longer be loaded if authentication fails
- add some try catch and fix some problem with the debug on the passpolicy class
2020-06-20 18:16:37 -04:00
mpgn 8f2ef3fdaf Add color when smb status is not ACCESS_DENIED #391 2020-06-20 13:20:27 -04:00
mpgn 648d756701 Improve os import for ldap protocol 2020-06-20 06:30:25 -04:00
mpgn c590230f97 Clean authentication fail message on winrm protocol when ntlm error 2020-06-20 06:26:32 -04:00
mpgn b8c505c234 Improve output of protocol winrm 2020-06-20 06:20:53 -04:00
mpgn 046056d273 Add option --continue-on-success to smb protocol 2020-06-20 06:10:05 -04:00
mpgn 5b6d66950f Fix ssh authentication error and update option for unconstrainte delegation to --trusted-for-delegation 2020-06-20 05:56:55 -04:00
mpgn 957820e339 Fix ldap protocol os import 2020-06-19 17:57:09 -04:00
mpgn ad4f06918b Refactor the ldap module and add option --admin-count and --trusted-for-auth 2020-06-19 17:31:34 -04:00
mpgn e5d1942251 Add kerberoasting and asrepoast attack with LDAP protocol 2020-06-19 09:20:22 -04:00
mpgn 401c9b8d49
Merge pull request #325 from GoSecure/ssh-keyfiles
WIP: SSH - Public Key Authentication
2020-05-21 19:28:50 +02:00
Alexandre Beaulieu 4a19d4dc32
feat(ssh): Add support for publickey authentication. 2020-05-21 09:03:12 -04:00
mpgn 757881cbcb Normalize path for pyinstaller linux/windows 2020-05-11 13:48:03 -04:00
mpgn fb9d6fbc59 Fix cme action build 2020-05-10 20:16:34 +02:00
mpgn 8931ec2300 Add Windows spec file to compile CME for Windows 2020-05-10 20:06:08 +02:00
mpgn b796000343 Fix issue #321 option --continue-on-success 2020-05-09 09:36:31 -04:00
mpgn 0a49f75347
Merge pull request #381 from byt3bl33d3r/v5-dev
Some fix pushed in to v5.0.2
2020-05-09 15:09:09 +02:00
mpgn 9e0f4c2524 Update readme with 3.8 badge 2020-05-09 09:04:27 -04:00
mpgn ce7518e689 Add python3.7 to GitHub action 2020-05-09 08:25:02 -04:00
mpgn 3e1fa0f258 Fix local-auth authentication 2020-05-09 08:20:53 -04:00
mpgn d3a7effb86 Fix ssh issue #375 2020-05-09 07:59:53 -04:00
mpgn 618ab8a9cb
Merge pull request #374 from byt3bl33d3r/v5-dev
Merge branch V5 dev to Master
2020-05-05 19:01:18 +02:00
mpgn 9ae444aab9
Merge branch 'master' into v5-dev 2020-05-05 18:51:41 +02:00
mpgn e71b724cdf Bump to 5.0.2dev 2020-05-05 12:50:32 -04:00
mpgn b778306cc1 Always print FQDN 2020-05-05 12:13:32 -04:00
mpgn 3b57fb0869 Add checkifadmin() for Kerberos auth #22 2020-05-05 12:11:18 -04:00
mpgn b3c177857c
Merge pull request #372 from Hackndo/v5-dev
Add module - Set as owned in BloodHound
2020-05-05 10:04:34 +02:00
pixis 4069cb7290 Add module - Set as owned in BloodHound 2020-05-05 09:59:30 +02:00
mpgn 1820cc1ffb Show FQDN instead of domain name 2020-05-04 15:30:56 -04:00
mpgn 1e719912fc
Merge pull request #370 from Hackndo/patch-2
[lsassy module] Update fix about no credentials
2020-05-04 19:36:06 +02:00
Pixis c75d7abebf
Update fix about no credentials 2020-05-04 19:32:58 +02:00
mpgn 622245dcfa Add support kerberos aesKey and kdcHost #22 add lssasy module kerberos support
add error when not credential foud on lsassy module #368
2020-05-04 13:23:41 -04:00
mpgn 52528a44bb Merge branch 'v5-dev' of https://github.com/byt3bl33d3r/CrackMapExec 2020-05-03 14:32:17 -04:00
mpgn 1308bc30c8 Adding Kerberos support for CME #22
TODO
- aeskey
- dc-ip
- checkifadmin()
2020-05-03 14:30:41 -04:00
mpgn 72338026ff
Merge pull request #367 from byt3bl33d3r/v5-metasploit
Add Module metasploit
2020-05-03 18:01:20 +02:00
mpgn 47fe1e4772 Remove submodule and simplify metasploit module #357 2020-05-03 06:19:26 -04:00
mpgn c3c9b2f04a Remove useless code #364 2020-05-01 17:31:54 -04:00
mpgn 13dca86a87 Add lsassy requirements 2020-05-01 17:19:39 -04:00
mpgn 580018050c Add better logic to MSSQL connection #364 2020-05-01 17:18:25 -04:00
mpgn c5be1e5234 Add exception handler when login fails on MSSQL protocol #364 2020-05-01 17:11:54 -04:00
mpgn ef934a7925 Rename options for module metasploit #357 2020-05-01 16:53:02 -04:00
mpgn bfe1d5b7c3 Fix uninitialized variable #363 2020-05-01 14:33:18 -04:00
mpgn 062e312fd5 Add try catch for issue #363 2020-05-01 14:20:55 -04:00
mpgn fd912c0b7d Fix thread stop assert error #357 2020-05-01 14:02:12 -04:00
mpgn 73fb336040 Update module metasploit #357
As the old code with the shellcode was broken, we switch to a simple powershell solution with Invoke-MetasploitPayload.ps1
2020-05-01 13:12:01 -04:00
mpgn 4dc4892660 Check if output is byte before decoding 2020-04-30 13:56:34 -04:00
mpgn 74792ce712 Add option --no-bruteforce allowing credentials spraying without bruteforce
cme accept user file and password file and works like this:
user1 -> pass1
      -> pass2
user2 -> pass1
      -> pass2

Option --no-bruteforce works like this
user1 -> pass1
user2 -> pass2
2020-04-30 10:06:57 -04:00
mpgn db9166fdf1
Update bug_report.md 2020-04-30 11:11:23 +02:00