Python library to remotely extract credentials on a set of hosts. This blog post explains how it works.
This library uses impacket project to remotely read necessary bytes in lsass dump and pypykatz to extract credentials.
| Chapters | Description |
|---|---|
| Requirements | Requirements to install lsassy from source |
| Installation | Installation commands from pip or from source |
| Documentation | Lsassy documentation |
| CrackMapExec Module | Link to CrackMapExec module included in this repository |
| Issues | Read this before creating an issue |
| Acknowledgments | Kudos to these people and tools |
| Contributors | People contributing to this tool |
python3.7 -m pip install lsassy
python3.7 setup.py install
The tool is fully documented in the wiki of this project
I wrote a CrackMapExec module that uses lsassy to extract credentials on compromised hosts
CrackMapExec module is in cme folder : CME Module
v2.0.0
------
* Multiprocessing support to dump credentials on multiple hosts at a time
* Add new dumping method using "dumpert"
* Can be used as a library in other python projects
* Syntax changed to be more flexible
* Complete code refactoring, way more organized and easy to maintain/extend
* Better error handling
* Complete wiki
v1.1.0
------
* Better execution process : --method flag has been added and described in help text
* Uses random dump name
* Chose between cmd, powershell, dll and/or procdump methods
* CME module is now using light lsassy WMIExec et TASKExec implementation
* Bug fixes
v1.0.0
------
* Built-in lsass dump
** Lsass dump using built-in Windows
** Lsass dump using procdump (using -p parameter)
* Add --dumppath to ask for remote parsing only
* Code refactoring
* Add --quiet to quiet output
v0.2.0
------
* Add BloodHound option to CME module (-o BLOODHOUND=True)
- Set compromised targets as "owned" in BloodHound
- Check if compromised users have at least one path to domain admin
* Custom parsing (json, grep, pretty [default])
* New --hashes option to lsassy
* Include CME module in repository
* Add credentials to CME database
v0.1.0
------
First release
If you find an issue with this tool (that's very plausible !), please
- Check that you're using the latest version
- Send as much details as possible.
- For standalone lsassy, please use maximum verbosity
-vv - For CME module, please use CrackMapExec
--verboseflag
- For standalone lsassy, please use maximum verbosity
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent