byt3bl33d3r
424c34c4f4
Added a -y in kali install script
2016-04-16 17:30:54 -06:00
byt3bl33d3r
42e4b05a3b
Added missing dep in kali install script
2016-04-16 17:06:25 -06:00
byt3bl33d3r
7737f65fda
Added path checking in Kalis install script
2016-04-16 15:52:34 -06:00
byt3bl33d3r
b155649619
Initial commit for Kali install script
2016-04-16 15:50:21 -06:00
byt3bl33d3r
0bb288e7a0
fixed module names
2016-04-12 10:55:54 -06:00
byt3bl33d3r
f890da0a60
Fixed wrong variable in get_computers module
2016-04-12 10:52:57 -06:00
byt3bl33d3r
c2217f1c81
Added the get_computers module
2016-04-12 10:48:48 -06:00
byt3bl33d3r
69167140af
Added the get_groups module
2016-04-12 10:15:59 -06:00
byt3bl33d3r
f6c2c2f24d
Added the get_group_members module
2016-04-12 01:07:25 -06:00
byt3bl33d3r
e5e954068a
Added options in token module to search for a specific username in
...
enumerated tokens
2016-04-12 00:09:08 -06:00
byt3bl33d3r
1d6cc4ac64
Fixed typo variable
2016-04-11 23:33:57 -06:00
byt3bl33d3r
ec14e47258
Changed the add_credential SQL query, added tab complete support fro the
...
import command
2016-04-11 23:23:15 -06:00
byt3bl33d3r
b85a4ecabd
Database navigator now supports filtering seearching through hosts and creds (like Empire)
2016-04-11 23:06:42 -06:00
byt3bl33d3r
cd9a77796f
This commit introduces a command in cme_db.py which will import
...
credentials from Empire using it's RESTful API (resolves half of issue #89 )
Reading through Metasploit's docs, it seems like you cannot access
it's stored credentials using the RPC server (would have to directly
access the postgres db, I do have to confirm this tho)
2016-04-10 17:10:33 -06:00
byt3bl33d3r
3ce031ffee
Made the output of --lusers actually decent
2016-04-09 15:18:10 -06:00
byt3bl33d3r
4da8c07956
Cleaned up the Powershell code in the token_rider module:
...
* Added error handling in case a command fails to execute on a target
* POST request code is now a function
* Made the output POST'd back to us actually useful
2016-04-09 14:36:31 -06:00
byt3bl33d3r
94d1c040c8
Initial commit for the token_rider module! OMFG this thing is amazing
...
it deserves its own blog post!
Fixed a bug with the smbexec execution method which would cause it to
exit without retrieving output
2016-04-09 03:57:40 -06:00
byt3bl33d3r
d3eb5cd8ff
Added entry in .gitignore
2016-04-08 22:13:01 -06:00
byt3bl33d3r
84dfa1d839
Lots of unicode fixes (omfg halp) resolves issue #92
2016-04-08 20:38:49 -06:00
byt3bl33d3r
9052e48286
Removed decription of authentication error (will display if --verbose is
...
passed)
Fixed host tracking in the inject_pe_dll.py module
2016-04-08 19:58:01 -06:00
byt3bl33d3r
eb4f185118
Database now tracks which users have admin access to which hosts
...
Added a configuration file for specifying Empire's and Metasploits API and RPC creds
Added the empire_agent_exec module: connects to Empire, generates a launcher and executes it
Minor bug fixes
2016-04-08 00:25:06 -06:00
byt3bl33d3r
a1c41d97c9
Fixed incorrect error handling when database wasn't created
...
(part of issue #93 )
2016-04-03 20:21:58 -06:00
byt3bl33d3r
cd989879d4
Removed debug statement and fixed output in tokens.py module
2016-03-30 13:11:28 -06:00
byt3bl33d3r
7bfe04236a
Added a tokens module to enumerate available tokens
...
Added a --server-host flag to specify the IP to bind the server to
2016-03-30 12:58:55 -06:00
byt3bl33d3r
9262832b86
Fixed missing imports when dumping NTDS via vss
2016-03-30 11:37:34 -06:00
byt3bl33d3r
7e6657eedb
fixed timeout and error handling when smb spidering
2016-03-30 10:06:23 -06:00
byt3bl33d3r
e6a293c9f3
Updated usage in README
2016-03-30 00:47:17 -06:00
byt3bl33d3r
e5e38cb881
Re-added License to master
2016-03-30 00:45:16 -06:00
byt3bl33d3r
05387abf65
Changed the wdigest flag
2016-03-30 00:26:09 -06:00
byt3bl33d3r
811001edc4
Forgot to add the smbspider class back in connector.py, whoops!
2016-03-29 23:58:24 -06:00
byt3bl33d3r
0bc0855c43
Added default mimikatz command to module description
2016-03-28 00:42:42 -06:00
byt3bl33d3r
f8afef444c
Changed README again
2016-03-28 00:25:19 -06:00
byt3bl33d3r
f5895ac4ea
Changed README
2016-03-28 00:21:20 -06:00
byt3bl33d3r
6eabf0224c
Updated README
2016-03-27 15:45:41 -06:00
byt3bl33d3r
10a12a9a0f
Initial v3.0 commit to master
...
Quick re-cap on the new features:
* Credentials and hosts are now stored in a database, the cme_db.py script can be used to query it
* Module system has been implemented allowing anyone to create payloads
* All underlying powershell code has been ported to a module
* The HTTP/HTTPS server now tracks connections: no more guessing when to CTRL-C
* All around better code quality, error handling and logging
2016-03-27 15:17:18 -06:00
byt3bl33d3r
792a631fe2
Updated the usage in README
2016-03-12 19:20:40 -07:00
byt3bl33d3r
4c3ca3a0f6
Added the --tokens options to enumerate available tokens (issue #86 )
...
Re-added Empire's function to strip powershell comments
Changed the PowerView PS script to the actual supported one
2016-03-12 18:24:08 -07:00
byt3bl33d3r
5814121e6d
Actually pushing the new cert would be nice
2016-03-11 22:08:13 -07:00
byt3bl33d3r
f4141c9041
Regererated SSL cert, fixed a typo variable
2016-03-11 22:02:25 -07:00
byt3bl33d3r
3ec981f3fa
Re-added the --timeout option
2016-03-11 20:09:52 -07:00
byt3bl33d3r
ade4c12ad4
Revert "Stole Empires powershell architecture detection code, arch is now detected and handled automatically"
...
This reverts commit cd103f5cb6
.
This is being reverted due to a bug in wmiexec when executing long
command strings. Falling back to the old method for now until/if fixed.
2016-03-11 20:01:42 -07:00
byt3bl33d3r
bdcebd0045
Changed the default server to HTTPS (cause why not)
2016-03-07 22:32:35 -07:00
byt3bl33d3r
cd103f5cb6
Stole Empires powershell architecture detection code, arch is now detected and handled automatically
...
Removed the --ps-arch option as its now useless
Added a --timeout switch to specify a max timeout for each thread
Regenerated default key and cert for the https server
2016-03-07 20:13:51 -07:00
byt3bl33d3r
2427ccaa9b
Updated README
2016-01-27 00:29:35 -07:00
byt3bl33d3r
7b255b3c9a
- More code cleanup in the smart_login function, added pwdump support
...
when using the combo file (-C) flag (resolves #80 )
2016-01-26 23:50:33 -07:00
byt3bl33d3r
c50ffb0f65
- Re-Factored MSSQL support for better integration when executing
...
commands and attacks (e.g. mimikatz, injection)
- By default, the --mssql flag will enumerate db instances and will
allow you to execute commands through xp_cmdshell
- Made some logic changes on how/when connections are initiated
2016-01-26 21:23:03 -07:00
byt3bl33d3r
3c5cf012fd
- Password. Username and Hash flags now accept one file or
...
user/pass/has per
argument
- smart_login function partial code cleanup
2016-01-19 01:56:42 -07:00
byt3bl33d3r
b1646c3f76
- Made output *FABULOUS* by aligning the logger output
...
- Moar unicode fixes (srsly fuck unicode)
2016-01-18 20:40:50 -07:00
byt3bl33d3r
224befe25d
Fixed bug that would cause a traceback in rpcquery.py when PTH
2016-01-17 22:43:57 -07:00
byt3bl33d3r
5c31910571
Fixed .join() error in smart_login.py when PTH
2016-01-17 22:42:53 -07:00