This repository has been archived by the owner on Dec 6, 2023. It is now read-only.

Merge pull request #381 from byt3bl33d3r/v5-dev
Some fixes pushed into v5.0.2
mpgn authored May 9, 2020
2 parents 618ab8a + 9e0f4c2 commit 0a49f75
Showing 4 changed files with 18 additions and 10 deletions.
3 changes: 1 addition & 2 deletions README.md
@@ -1,4 +1,4 @@
![Supported Python versions](https://img.shields.io/badge/python-3.6+-blue.svg)
![Supported Python versions](https://img.shields.io/badge/python-3.8+-blue.svg)

# CrackMapExec

@@ -46,5 +46,4 @@ If you use CrackMapExec a lot (especially if it's used commercially), please con
Press the "Sponsor" button on the top of this page to see ways of donating/sponsoring this project.

# To do
- Kerberos support
- ~~0wn everything~~
17 changes: 13 additions & 4 deletions cme/connection.py
@@ -181,7 +181,7 @@ def login(self):
tmp = usr
usr = tmp.split('\\')[1].strip()
self.domain = tmp.split('\\')[0]
if self.args.hash:
if hasattr(self.args, 'hash') and self.args.hash:
with sem:
for ntlm_hash in self.args.hash:
if isinstance(ntlm_hash, str):
@@ -205,19 +205,28 @@ def login(self):
for password in self.args.password:
if isinstance(password, str):
if not self.over_fail_limit(usr.strip()):
if self.plaintext_login(self.domain, usr.strip(), password): return True
if hasattr(self.args, 'domain'):
if self.plaintext_login(self.domain, usr.strip(), password): return True
else:
if self.plaintext_login(usr.strip(), password): return True

elif not isinstance(password, str) and isfile(password.name) and self.args.no_bruteforce == False:
for f_pass in password:
if not self.over_fail_limit(usr.strip()):
if self.plaintext_login(self.domain, usr.strip(), f_pass.strip()): return True
if hasattr(self.args, 'domain'):
if self.plaintext_login(self.domain, usr.strip(), f_pass.strip()): return True
else:
if self.plaintext_login(usr.strip(), f_pass.strip()): return True
password.seek(0)

elif not isinstance(password, str) and isfile(password.name) and self.args.no_bruteforce == True:
user.seek(0)
for usr, f_pass in zip(user, password):
if not self.over_fail_limit(usr.strip()):
if self.plaintext_login(self.domain, usr.strip(), f_pass.strip()): return True
if hasattr(self.args, 'domain'):
if self.plaintext_login(self.domain, usr.strip(), f_pass.strip()): return True
else:
if self.plaintext_login(usr.strip(), f_pass.strip()): return True

elif isinstance(user, str):
if hasattr(self.args, 'hash') and self.args.hash:
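Review bot: The new `hasattr(self.args, 'domain')` test picks between the three-argument and the two-argument form of `plaintext_login`, so the call shape depends on which options a protocol's parser happens to register rather than on the method being called; a protocol that gains a `domain` option without changing its `plaintext_login` signature would fail with a TypeError in the middle of a login run. The same if/else is added three times in the password loop (plain string, password file, paired user/password files), and one helper called from each place would keep the copies from drifting apart. The `elif` lines in the same loop still read `self.args.no_bruteforce` without a guard, unlike `hash` and `domain`, so every protocol parser has to define that option. login() starts and ends outside the lines shown.

```python
def _try_plaintext(self, username, password):
    # Protocols whose parser has no 'domain' option take (username, password) only.
    if hasattr(self.args, 'domain'):
        return self.plaintext_login(self.domain, username, password)
    return self.plaintext_login(username, password)

# … unchanged: loops over self.args.password and the fail-limit check …
if not self.over_fail_limit(usr.strip()):
    if self._try_plaintext(usr.strip(), password): return True
```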
7 changes: 3 additions & 4 deletions cme/protocols/smb.py
@@ -237,10 +237,9 @@ def enum_host_info(self):

if self.args.domain:
self.domain = self.args.domain

# always print FQDN even if local auth
# if self.args.local_auth:
# self.domain = self.hostname

if self.args.local_auth:
self.domain = self.hostname

#Re-connect since we logged off
self.create_conn_obj()
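Review bot: The re-enabled `if self.args.local_auth:` block runs after the `if self.args.domain:` assignment, so when both options are given the hostname silently replaces the domain the operator supplied, and nothing in the new code says this is intended. The comment it replaces (`# always print FQDN even if local auth`) documented the opposite behaviour, so a one-line comment above the block is worth adding, for example `# --local-auth overrides --domain: the target's own hostname is used as the authentication domain`. Since `self.domain` presumably also reaches the tool's output and logs, this changes what is recorded for local-auth runs, which matters when that output is later reconciled with host authentication events. enum_host_info() continues outside the hunk.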
1 change: 1 addition & 0 deletions cme/protocols/ssh.py
@@ -12,6 +12,7 @@ class ssh(connection):
@staticmethod
def proto_args(parser, std_parser, module_parser):
ssh_parser = parser.add_parser('ssh', help="own stuff using SSH", parents=[std_parser, module_parser])
ssh_parser.add_argument("--no-bruteforce", action='store_true', help='No spray when using file for username and password (user1 => password1, user2 => password2')
#ssh_parser.add_argument("--key-file", type=str, help="Authenticate using the specified private key")
ssh_parser.add_argument("--port", type=int, default=22, help="SSH port (default: 22)")
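Review bot: The help string of the added `--no-bruteforce` option has an unbalanced parenthesis: it opens `(user1 => password1, ...` and never closes it, so `--help` prints a line that looks truncated. Close it: `help='No spray when using file for username and password (user1 => password1, user2 => password2)'`. The option is presumably registered here because the shared login code in cme/connection.py reads `self.args.no_bruteforce`; a short comment saying so would keep it from being dropped later as unused.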

