CrackMapExec v2.2 Pentest for Active Directory

CrackMapExec v2.2 Pentest for Active Directory

CrackMapExec is your one-stop-shop for pentesting Windows/Active Directory environments!

From enumerating logged on users and spidering SMB shares to executing psexec style attacks, auto-injecting Mimikatz/Shellcode/DLL’s into memory using Powershell, dumping the NTDS.dit and more!

The biggest improvements over the above tools are:

  • Pure Python script, no external tools required
  • Fully concurrent threading
  • Uses ONLY native WinAPI calls for discovering sessions, users, dumping SAM hashes etc…
  • Opsec safe (no binaries are uploaded to dump clear-text credentials, inject shellcode etc…)

 

positional arguments:
 target The target range, CIDR identifier or file containing targets
optional arguments:
 -h, --help show this help message and exit
 -v, --version show program's version number and exit
 -t THREADS Set how many concurrent threads to use (defaults to 100)
 -u USERNAME Username(s) or file containing usernames
 -p PASSWORD Password(s) or file containing passwords
 -H HASH NTLM hash(es) or file containing NTLM hashes
 -C COMBO_FILE Combo file containing a list of domain\username:password or username:password entries
 -k HEX_KEY AES key to use for Kerberos Authentication (128 or 256 bits)
 -d DOMAIN Domain name
 -n NAMESPACE WMI Namespace (default: //./root/cimv2)
 -s SHARE Specify a share (default: C$)
 --kerb Use Kerberos authentication. Grabs credentials from ccache file (KRB5CCNAME) based on target parameters
 --port {139,445} SMB port (default: 445)
 --server {http,https}
 Use the selected server (defaults to http)
 --server-port PORT Start the server on the specified port
 --fail-limit LIMIT The max number of failed login attempts allowed per host (default: None)
 --gfail-limit LIMIT The max number of failed login attempts allowed globally (default: None)
 --verbose Enable verbose output

More Information: here

[button size=large style=round color=red align=none url=https://github.com/byt3bl33d3r/CrackMapExec]Download CrackMapExec v2.2[/button]

Thanks to our friend byt3bl33d3r, for sharing this tool with us 😉

MaxiSoler

www.artssec.com @maxisoler
GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

Black Hat Arsenal 2024 Next Stop Singapore !

Black Hat Arsenal 2024 Next Stop Singapore !

ToolsWatch Armory at GISEC 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

ToolsWatch Armory at GISEC 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community

Top 10 Most Used MITRE ATT&CK Tactics & Techniques In 2020

Top 10 Most Used MITRE ATT&CK Tactics & Techniques In 2020