release/0.2.22

@grisuno grisuno released this 07 Dec 02:00
226aa62

What's Changed

Full Changelog: release/0.2.21...release/0.2.22

spraykatz

Executes the Spraykatz tool to retrieve credentials on Windows machines and large Active Directory environments.

This function:
- Installs Spraykatz if not already installed.
- Executes the Spraykatz command with the provided parameters.
- Displays the result in the terminal.

Behavior:
- Requires python3, python3-pip, git, and nmap to be installed.
- Uses parameters from self.params for username, password, and target.

Usage:
spraykatz

caldera

Installs and starts the Caldera server.

This function:
- Clones the Caldera repository recursively.
- Installs the required dependencies.
- Optionally installs GoLang (1.19+).
- Starts the Caldera server with the provided parameters.

Behavior:
- Requires git, python3, and pip3 to be installed.
- Uses parameters from self.params for version/release.

Usage:
caldera

ntpdate

Synchronizes the system clock with a specified NTP server.

This method constructs the target NTP server address using the domain and subdomain
parameters. It then prompts the user to confirm or modify the target address.
Finally, it executes the ntpdate command to synchronize the system clock with
the specified NTP server.

:param line: The command line input (not used in this method).
:type line: str
:return: None

ticketer

Executes the Impacket ticketer tool to create a golden ticket.

This function performs the following actions:

  1. Checks if the target host is valid.
  2. Prompts the user for the NTLM hash, domain SID, domain name, DC IP, SPN, and username.
  3. Constructs and executes the Impacket ticketer command with the provided information.

Parameters:
line (str): A command argument to determine the authentication mode.
This parameter is not used in this function.

Returns:
None

links

Displays a list of useful links and allows the user to select and copy a link to the clipboard.

This function performs the following actions:

  1. Defines a list of links with their aliases.
  2. Filters the links based on the input line if provided.
  3. Displays the filtered links with their aliases and URLs.
  4. Prompts the user to select a link by entering the corresponding number.
  5. Copies the selected link to the clipboard.

Parameters:
line (str, optional): A string to filter the links. If provided, only the links containing
the string in their alias or URL will be displayed. Defaults to an empty string.

Returns:
None

rsync

Synchronizes the local "sessions" directory to a remote host using rsync, leveraging sshpass for automated authentication.

Steps:
1. Verifies if the credentials file exists in the "sessions" directory. If not, prompts the user for a username and password.
2. Reads the credentials file if it exists and extracts the username and password.
3. Constructs an rsync command to deploy the "sessions" directory to the remote host.
4. Executes the rsync command using the system shell.

Args:
line (str): Input command line (not used in the current implementation).

Dependencies:
- The sshpass command-line tool must be installed on the local machine.
- rsync must be installed on both the local and remote machines.
- The remote host must be accessible via SSH.

Attributes:
- self.params: Dictionary containing the following keys:
  - username (str, optional): Predefined username. Defaults to prompting the user if not provided.
  - password (str, optional): Predefined password. Defaults to prompting the user if not provided.
  - rhost (str): Remote host's IP or domain name.

Raises:
- KeyError: If rhost is not provided in self.params.
- FileNotFoundError: If the "sessions" directory does not exist.

Note:
- The credentials.txt file, if present, should have credentials in the format username:password on the first line.

Returns:
None
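
The rsync steps above, as an added example that is not LazyOwn's own code: it parses the first `username:password` line of credentials.txt and builds the command as an argument list, with the password passed through `sshpass -e` (the `SSHPASS` environment variable) instead of a shell string. The function names and the remote directory `sessions` are assumptions.

```python
import os
import tempfile
from pathlib import Path


def read_credentials(sessions_dir):
    """Return (username, password) from line 1 of credentials.txt, or None."""
    cred_file = Path(sessions_dir) / "credentials.txt"
    if not cred_file.is_file():
        return None  # caller falls back to prompting the user
    lines = cred_file.read_text(encoding="utf-8").splitlines()
    first_line = lines[0] if lines else ""
    # Split on the first colon only, so a password containing ':' survives.
    username, sep, password = first_line.partition(":")
    if not sep or not username:
        raise ValueError("credentials.txt must start with username:password")
    return username, password


def build_rsync(sessions_dir, rhost, username, password, remote_dir="sessions"):
    """Build (argv, env) for subprocess.run: no shell, no password in argv."""
    src = Path(sessions_dir)
    if not src.is_dir():
        raise FileNotFoundError(sessions_dir)
    # Reject values that rsync or ssh could parse as an option or split on.
    for value in (username, rhost):
        if not value or value.startswith("-") or any(c.isspace() for c in value):
            raise ValueError(f"unsafe value: {value!r}")
    # sshpass -e reads the password from $SSHPASS, keeping it out of `ps` output.
    env = dict(os.environ, SSHPASS=password)
    argv = ["sshpass", "-e", "rsync", "-az",
            f"{src.resolve()}/", f"{username}@{rhost}:{remote_dir}/"]
    return argv, env


if __name__ == "__main__":
    # Constructed sample data; the command is printed, not executed.
    with tempfile.TemporaryDirectory() as sessions:
        Path(sessions, "credentials.txt").write_text("alice:s3cr:et\n")
        user, pw = read_credentials(sessions)
        argv, env = build_rsync(sessions, "192.0.2.10", user, pw)
        print(argv)  # run with subprocess.run(argv, env=env, check=True)
```
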

pre2k

Executes the pre2k tool to query the domain for pre-Windows 2000 machine accounts or to pass a list of hostnames to test authentication.

This function:
- Installs pre2k if not already installed.
- Executes the pre2k command with the provided parameters.
- Displays the result in the terminal.

Behavior:
- Requires python3, python3-pip, and git to be installed.
- Uses parameters from self.params for domain, username, password, and target.

Usage:
pre2k auth -u -p -d -dc-ip <dc_ip>
pre2k unauth -d -dc-ip <dc_ip> -inputfile

gmsadumper

Executes the gMSADumper tool to read and parse gMSA password blobs accessible by the user.

This function:
- Installs gMSADumper if not already installed.
- Executes the gMSADumper command with the provided parameters.
- Displays the result in the terminal.

Behavior:
- Requires python3, python3-pip, and git to be installed.
- Uses parameters from self.params for domain, username, password, and target.

Usage:
gmsadumper -u -p -d
gmsadumper -u -p <LM:NT hash> -d -l <ldap_server>
gmsadumper -k -d -l <ldap_server>

dnschef

Executes the DNSChef tool to monitor DNS queries and intercept responses.

This function:
- Installs DNSChef if not already installed.
- Executes the DNSChef command with the provided parameters.
- Displays the result in the terminal.

Behavior:
- Requires python3, python3-pip, and git to be installed.
- Uses parameters from self.params for domain, username, password, and target.

Usage:
dnschef

dploot

Executes the dploot tool to loot DPAPI related secrets from local or remote targets.

Actions: backupkey, blob, browser, certificates, credentials, machinecertificates, machinecredentials, machinemasterkeys, machinevaults, masterkeys, mobaxterm, rdg, sccm, vaults, wam, wifi

This function:
- Installs dploot if not already installed.
- Executes the dploot command with the provided parameters.
- Displays the result in the terminal.

Behavior:
- Requires python3, python3-pip, and git to be installed.
- Uses parameters from self.params for domain, username, password, and target.

Usage:
dploot -d -u -p -t
dploot -k -d -t

banners

createpayload

Generates an obfuscated payload to evade AV detection using the payloadGenerator tool. Thanks to smokeme.

This function:
- Clones the payloadGenerator repository if not already cloned.
- Installs .NET Framework 4.5 if not already installed.
- Executes the generator.py script with the provided IP, port, and XOR key.
- Displays the result in the terminal.

Parameters:
line (str): Length of the XOR key.

Behavior:
- Requires git and dotnet to be installed.
- Uses parameters from self.params for IP, port, and XOR key.

Usage:
createpayload

bin2shellcode

Converts a binary file to a shellcode string in C or Nim format.

This function:
- Reads a binary file and converts its contents to a shellcode string.
- Supports both C and Nim formats.
- Displays the result in the terminal and saves it to a file.

Behavior:
- Requires the filename, width, quotes, and format parameters.
- Uses default values if parameters are not provided.
- Uses parameters from self.params for filename, width, quotes, and format.

Usage:
bin2shellcode [ [ [ []]]]