Metadata-Version: 2.1
Name: lsassy
Version: 2.1.4
Summary: Python library to parse remote lsass dumps
Home-page: https://github.com/Hackndo/lsassy/
Author: Pixis
Author-email: hackndo@gmail.com
License: MIT
Description: # lsassy
        
        [![PyPI version](https://d25lcipzij17d.cloudfront.net/badge.svg?id=py&type=6&v=2.1.4&x2=0)](https://pypi.org/project/lsassy/) [![Twitter](https://img.shields.io/twitter/follow/hackanddo?label=HackAndDo&style=social)](https://twitter.com/intent/follow?screen_name=hackanddo)
        
        ![Example](https://github.com/Hackndo/lsassy/raw/master/assets/example.png)
        
        Python library to remotely extract credentials on a set of hosts. This [blog post](https://en.hackndo.com/remote-lsass-dump-passwords/) explains how it works.
        
        This library uses the [impacket](https://github.com/SecureAuthCorp/impacket) project to remotely read the necessary bytes in an lsass dump and [pypykatz](https://github.com/skelsec/pypykatz) to extract credentials.
        
        | Chapters                                     | Description                                             |
        |----------------------------------------------|---------------------------------------------------------|
        | [Requirements](#requirements)                | Requirements to install lsassy from source              |
        | [Warning](#warning)                          | Before using this tool, read this                       |
        | [Documentation](#documentation)              | Lsassy documentation                                    |
        | [CrackMapExec Module](#crackmapexec-module)  | Link to CrackMapExec module included in this repository |
        | [Issues](#issues)                            | Read this before creating an issue                      |
        | [Acknowledgments](#acknowledgments)          | Kudos to these people and tools                         |
        | [Contributors](#contributors)                | People contributing to this tool                        |
        
        ## Requirements
        
        * Python >= 3.6
        
        ## Warning
        
        Although I have made every effort to make the tool stable, traces may be left if errors occur.
        
        This tool can leave lsass dumps behind if it fails to delete them (even though it tries hard to do so), or leave a scheduled task running if it fails to delete it. This shouldn't happen, but it might. Now that you know, use it with caution.
        
        ## Documentation
        
        The tool is fully documented in the project's [wiki](https://github.com/Hackndo/lsassy/wiki).
        
        ### Installation
        
        * [Installation](https://github.com/Hackndo/lsassy/wiki/Lsassy-Installation)
        
        ### Standalone
        
        * [Basic Usage](https://github.com/Hackndo/lsassy/wiki/Lsassy-Basic-Usage)
        * [Advanced Usage](https://github.com/Hackndo/lsassy/wiki/Lsassy-Advanced-Usage)
        
        ### Library
        
        * [Basic Usage](https://github.com/Hackndo/lsassy/wiki/Lsassy-lib-Basic-Usage)
        * [Advanced Usage](https://github.com/Hackndo/lsassy/wiki/Lsassy-lib-Advanced-Usage)
        
        ### CrackMapExec module
        
        * CrackMapExec module is now [part of CrackMapExec project](https://github.com/byt3bl33d3r/CrackMapExec/pull/341)
        * CME module is [documented in the project's wiki](https://github.com/Hackndo/lsassy/wiki/)
        
        ## Changelog
        
        ```
        v2.1.0
        ------
        * Kerberos authentication support (Thank you laxa for PR)
        * Add CME module for python3
        * Update bloodhound queries for BloodHound3
        * Bug fixes
        
        v2.0.0
        ------
        * Multiprocessing support to dump credentials on multiple hosts at a time
        * Add new dumping method using "dumpert"
        * Can be used as a library in other python projects
        * Syntax changed to be more flexible
        * Complete code refactoring, way more organized and easy to maintain/extend
        * Better error handling
        * Complete wiki
        
        v1.1.0
        ------
        * Better execution process : --method flag has been added and described in help text
        * Uses random dump name
        * Choose between cmd, powershell, dll and/or procdump methods
        * CME module is now using light lsassy WMIExec and TASKExec implementation
        * Bug fixes
        
        v1.0.0
        ------
        * Built-in lsass dump
        ** Lsass dump using built-in Windows
        ** Lsass dump using procdump (using -p parameter)
        * Add --dumppath to ask for remote parsing only
        * Code refactoring
        * Add --quiet to quiet output
        
        v0.2.0
        ------
        * Add BloodHound option to CME module (-o BLOODHOUND=True)
            - Set compromised targets as "owned" in BloodHound
            - Check if compromised users have at least one path to domain admin
        * Custom parsing (json, grep, pretty [default])
        * New --hashes option to lsassy
        * Include CME module in repository
        * Add credentials to CME database
        
        
        v0.1.0
        ------
        First release
        ```
        
        ## Acknowledgments
        
        * [Impacket](https://github.com/SecureAuthCorp/impacket)
        * [SkelSec](http://twitter.com/skelsec) for Pypykatz, but also for his patience and help
        * [mpgn](https://twitter.com/mpgn_x64) for his help and ideas
        
        ## Contributors
        
        * [ITPPA](https://github.com/ITPPA/)
        * [viaccoz](https://github.com/viaccoz)
        * [blurbdust](https://github.com/blurbdust)
        * [exploide](https://github.com/exploide)
        * [Laxa](https://github.com/Laxa)
        
Platform: UNKNOWN
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Requires-Python: >=3.6
Description-Content-Type: text/markdown