Easily launch a password spray using AWS Lambda across multiple regions, rotating IP addresses with each request.
Brought to you by:
- Fully supports all AWS Lambda Regions
- Multi-threaded processing
- Generates user/password pairs
- Easily add new plugins
- Automatically creates execution role and lambdas
usage: credking.py [-h] --plugin PLUGIN [--threads THREADS] --userfile USERFILE --passwordfile PASSWORDFILE --access_key ACCESS_KEY --secret_access_key SECRET_ACCESS_KEY
optional arguments:
-h, --help show this help message and exit
--plugin PLUGIN spraying plugin
--threads THREADS thread count (default: 1)
--userfile USERFILE username file
--passwordfile PASSWORDFILE password file
--access_key ACCESS_KEY aws access key
--secret_access_key SECRET_ACCESS_KEY aws secret access key
You can install and run automatically using Python 3 with the following command:
$ git clone https://github.com/ustayready/CredKing
$ cd CredKing
~/CredKing$ python3 credking.py
Note that Python 3 is required.
Bug reports, feature requests and patches are welcome.
You can create new plugins by:
$ cd plugins
$ mkdir newplugin
$ cd newplugin
$ touch newplugin.py
Next, make sure to include the lambda handler function in your newplugin.py:
def lambda_handler(event, context):
return your_function(event['username'], event['password'])
CredKing generates a deployment zip file which the lambdas receive when they are created. Because of this, CredKing requires the pre-reqs to be installed directly into the newplugin folder. You can accomplish this by:
$ pip install <pre-req> -t .
That's it, enjoy!