Locked CRACKMAPEXEC V5.1.7dev – A swiss army knife for pentesting networks


itsMe

CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS solutions.

CME makes heavy use of the Impacket library (developed by @asolino) and the PowerSploit Toolkit (developed by @mattifestation) for working with network protocols and performing a variety of post-exploitation techniques.

Although meant to be used primarily for offensive purposes (e.g. red teams), CME can be used by blue teams as well to assess account privileges, find possible misconfiguration, and simulate attack scenarios.

CrackMapExec is developed by @byt3bl33d3r

This repository contains the following repositories as submodules:

    Impacket
    Pywinrm
    Pywerview
    PowerSploit
    Invoke-Obfuscation
    Invoke-Vnc
    Mimikittenz
    NetRipper
    RandomPS-Scripts
    SessionGopher
    Mimipenguin

Changelog v5.1.7dev

💫 Features 💫

    Add module MachineAccountQuota.py to retrieve the MachineAccountQuota domain-level attribute related to the current user @p0dalirius
    Add module get-desc-users: get the description of each user and search for passwords in the description @nodauf
    Add module mssql_priv to enumerate and exploit MSSQL privileges @sokaRepo
    Add option --password-not-required to retrieve the user with the flag PASSWD_NOTREQD @nodauf
    Add custom port for WinRM
    Switch from gevent to asyncio
    Shares are now logged in the database and can be queried
    You can now press enter while a scan is being performed and CME will give you a completion percentage and the number of hosts remaining to scan
    Add better error message on LDAP protocol
    Add more options to LDAP
        option --groups
        option --users
        option --continue-on-success
    Add additional Info to LDAP Kerberoasting
        Account Name
        Password last set
        Last logon
        Member of
    Bump lsassy to latest version 2
    Add new option --amsi-bypass to bypass AMSI with your own custom code
    Add module LAPS to retrieve all LAPS passwords
    Add IPv6 support
    Add improvement when testing null session for the output
    Remove thirdparty folder 🥳

🔧 Issues 🔧

    Fix spelling mistakes
    Rename options EXT and DIR to EXCLUDE_EXTS and EXCLUDE_DIR on spider_plus module
    Fix MSSQL protocol (command exec with powershell and enum) thanks @Dliv3
    Fix module Wireless
    Fix issue with --pass-pol for Maximum password age
    Fix encoding issue with spider option
