keimpx v0.2 released

In: Bruteforcers , keimpx , Password Cracking

11 February 2010

Check for the usefulness of credentials across a network over SMB.

It can be used to quickly check for the usefulness of credentials across a network over SMB. Credentials can be:

Combination of user / plain-text password.
Combination of user / NTLM hash.
Combination of user / NTLM logon session token.

If any valid credentials has been discovered across the network after its attack phase, the user is asked to choose which host to connect to and which valid credentials to use, then he will be prompted with an interactive SMB shell where the user can:

Spawn an interactive command prompt.
Navigate through the remote SMB shares: list, upload, download files, create, remove files, etc.
Deploy and undeploy his own service, for instance, a backdoor listening on a TCP port for incoming connections.
List users details, domains and password policy.

Dependencies

It is developed in Python using CORE Impact’s Impacket library. This Python library requires also PyCrypto to work. If you want to run keimpx on Windows, you might find useful the prebuilt PyCrypto binaries.

Documentation

Usage
Examples
FAQ (recommended reading)
License

Post scriptum

Download keimpx v0.2

Bruteforcers	29 April 2010 : Fuzzdb v1.07 released 26 April 2010 : Bruter v1.0 - parallel network login brute-forcer 25 April 2010 : Fuzzdb updated to v1.06 19 April 2010 : fuzzdb v1.05 - Attack and Discovery Pattern Database 8 March 2010 : DirBuster v1.0 RC 1 - released
keimpx	11 February 2010 : keimpx v0.2 released
Password Cracking	25 April 2010 : Aircrack-ng v1.1 released 3 April 2010 : CUPP Common User Passwords Profiler v3 released 25 March 2010 : PenTBox v1.3.2 FINAL released 27 February 2010 : John the Ripper updated to v1.7.5 16 February 2010 : Medusa Parallel Network Login Auditor v2.0 released

keimpx v0.2 released

Post scriptum

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU