debug problems of passwords containing : and case sensitive comparison bug

Pierre-Alexandre Vandewoestyne 2022-01-29 12:23:32 +01:00
parent 01ad18dcf1
commit 49b523cdb1
2 changed files with 8 additions and 4 deletions


@ -115,6 +115,8 @@ def main():
options.password = options.password + '@' + options.address.rpartition('@')[0]
options.address = options.address.rpartition('@')[2]
options.username=options.username.lower() #for easier compare
if options.target_ip is None:
options.target_ip = options.address
if options.domain is None:
@ -142,7 +144,9 @@ def main():
file_data = f.read().replace(b'\x0d', b'').split(b'\n')
for cred in file_data:
if b':' in cred:
tmp_username, tmp_password = cred.split(b':')
tmp_split = cred.split(b':')
tmp_username = tmp_split[0].lower() #Make all usernames lower for easier compare
tmp_password = b''.join(tmp_split[1:])
#Add "history password to account pass to test
if b'_history' in tmp_username:
tmp_username=tmp_username[:tmp_username.index(b'_history')]
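Review bot: `b''.join(tmp_split[1:])` in the credential-file loop drops every `:` after the first one, so a password such as `a:b:c` is stored as `abc` and no longer equals the real value, which defeats the fix the commit title describes. Splitting only once keeps the password intact: `tmp_username, tmp_password = cred.split(b':', 1)` followed by `tmp_username = tmp_username.lower()`. Note also that `bytes.lower()` folds ASCII letters only, so usernames with non-ASCII characters will still compare case-sensitively. The loop body continues past the end of this hunk.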


@ -199,7 +199,7 @@ class MySeatBelt:
else:
if self.options.laps is True and username != '' and password != '': # not doing LAPS for null session
if(self.get_laps()):
for username in ['Administrator','Administrateur','Administrador']:
for username in ['administrator','administrateur','administrador']:
try:
self.logging.debug(f"[{self.options.target_ip}] [-] initialising smb Local Authentification to {self.options.domain} / {username} : {self.options.password}, @ {self.host} , Hash : {self.options.lmhash} : {self.options.nthash}, AESKey {self.options.aesKey}")
self.smb.login(username, self.options.password, self.options.domain, self.options.lmhash, self.options.nthash, ntlmFallback=True)
@ -1705,8 +1705,8 @@ class MySeatBelt:
if len(self.options.credz) > 0 and user.masterkeys_file[guid]['status'] != 'decrypted': #localfile not in user.masterkeys:
self.logging.debug(f"[{self.options.target_ip}] [...] Testing decoding {bcolors.OKBLUE}{user.username}{bcolors.ENDC} Masterkey {guid} with credz")
for username in self.options.credz:
if username in user.username :#pour fonctionner aussi avec le .domain ou les sessions multiple citrix en user.domain.001 ?
self.logging.debug(f"[{self.options.target_ip}] [...] Testing {len(self.options.credz[user.username])} credz for user {user.username}")
if username.lower() in user.username.lower() :#pour fonctionner aussi avec le .domain ou les sessions multiple citrix en user.domain.001 ?
#self.logging.debug(f"[{self.options.target_ip}] [...] Testing {len(self.options.credz[username])} credz for user {user.username}")
#for test_cred in self.options.credz[user.username]:
try:
self.logging.debug(f"[{self.options.target_ip}]Trying to decrypt {bcolors.OKBLUE}{user.username}{bcolors.ENDC} Masterkey {guid} with user SID {user.sid} and {len(self.options.credz[username])}credential(s) from credz file")
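Review bot: The masterkey match `username.lower() in user.username.lower()` is a substring test, so a credz entry such as `adm` also matches `administrator`, and case-folding both sides widens that further; credentials belonging to one account are then tried against another account's masterkey. If the intent stated in the inline comment is to accept suffixed profile names (`user.domain`, `user.domain.001`), an anchored comparison is tighter: `u = user.username.lower()` then `if u == username.lower() or u.startswith(username.lower() + '.'):`. The two commented-out lines after the condition (the old debug call and the old `for test_cred` loop) should be deleted rather than left as dead code. The enclosing method starts and ends outside this hunk, so how the `credz` keys are decoded before this point is not visible here.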