68

GitHub - aas-n/spraykatz: A tool to spray love around the world.

 4 years ago
source link: https://github.com/aas-n/spraykatz
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

README.md


Spraykatz
Spraykatz

Spray love around the world

68747470733a2f2f696d672e736869656c64732e696f2f62616467652f52656c656173652d302e392e342d677265656e2e737667 68747470733a2f2f696d672e736869656c64732e696f2f62616467652f547769747465722d2534306c7964657269636c656665627672652d626c75652e737667 68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5468616e6b732d416b657276612d7265642e737667

Index

Title Description About Brief Description about the tool Installation Installation and Requirements Usage How to use Spraykatz Acknowlegments Acknowlegments

About

Spraykatz is a tool without any pretention able to retrieve credentials on Windows machines and large Active Directory environments.

It simply tries to procdump machines and parse dumps locally in order to avoid detections by antivirus softwares as much as possible.

Installation

This tool is written for python>=3. Do not use this on production environments!

Ubuntu

On a fresh updated Ubuntu.

apt update
apt install -y python3.6 python3-pip git nmap
git clone --recurse-submodules https://github.com/aas-n/spraykatz.git
cd spraykatz
pip3 install -r requirements.txt

Using Spraykatz

A quick start could be:

./spraykatz.py -d company.local -u H4x0r -p L0c4L4dm1n -t 192.168.1.0/24

Spraykatz

Mandatory arguments

Switches Description -u, --username User to spray with. He must have admin rights on targeted systems in order to gain remote code execution. -p, --password User's password or NTLM hash in the LM:NT format. -t, --targets IP addresses and/or IP address ranges. You can submit them via a file of targets (one target per line), or inline (separated by commas).

Optional arguments

Switches Description -d, --domain User's domain. If he is not member of a domain, simply use -d . instead. -k, --keep Keep dumps into misc/dumps (no deletion when spraykatz ends). -v, --verbosity Verbosity mode {warning, info, debug}. Default: info.

Acknowlegments

Spraykatz uses slighlty modified parts of the following projects:

Written by Lydéric Lefebvre


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK