Nytro
Posted May 9, 2020

Spraykatz - retrieve credentials on Windows machines

Spraykatz is a tool without any pretension able to retrieve credentials on Windows machines and large Active Directory environments.

It simply tries to procdump machines and parse dumps remotely in order to avoid detections by antivirus software as much as possible.

Installation

This tool is written for python>=3. Do not use this on production environments!

Ubuntu

On a fresh updated Ubuntu:

    apt update
    apt install -y python3.6 python3-pip git nmap
    git clone --recurse-submodules https://github.com/aas-n/spraykatz.git
    cd spraykatz
    pip3 install -r requirements.txt

Using Spraykatz

A quick start could be:

    ./spraykatz.py -u H4x0r -p L0c4L4dm1n -t 192.168.1.0/24

Mandatory arguments

    Switches           Description
    -u, --username     User to spray with. He must have admin rights on targeted systems in order to gain remote code execution.
    -p, --password     User's password or NTLM hash in the LM:NT format.
    -t, --targets      IP addresses and/or IP address ranges. You can submit them via a file of targets (one target per line), or inline (separated by commas).

Optional arguments

    Switches           Description
    -d, --domain       User's domain. If he is not a member of a domain, simply use -d . instead.
    -v, --verbosity    Verbosity mode {warning, info, debug}. Default == info.

Acknowledgments

Spraykatz uses slightly modified parts of the following projects:

    Mimikatz
    Impacket
    Pypykatz
    Pywerview
    Sysinternals
    hackndo

Written by Lydéric Lefebvre
Copyright (c) 2019 Lydéric Lefebvre

Main page: https://github.com/aas-n/spraykatz

Source: https://hakin9.org/spraykatz-retrieve-credentials-on-windows-machines/
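A defender-side view of the behaviour the post describes (one admin account used against a range of hosts, then a procdump run on them), as an added example that is not part of the original post or of Spraykatz. The event tuples, account names and host names are constructed, the record layout is a simplification rather than a real log schema, and the function name and thresholds are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events. "logon" stands in for a Windows Security 4624
# record, "process" for a process-creation record (4688 or Sysmon event 1).
# Layout: (time, kind, host, account, detail); detail = logon type or command line.
EVENTS = [
    ("2020-05-09 10:00:05", "logon", "WS01", "CORP\\adm-test", 3),
    ("2020-05-09 10:00:07", "logon", "WS02", "CORP\\adm-test", 3),
    ("2020-05-09 10:00:09", "logon", "WS03", "CORP\\adm-test", 3),
    ("2020-05-09 10:00:20", "process", "WS02", "CORP\\adm-test",
     "procdump64.exe -accepteula -ma lsass.exe out.dmp"),
    ("2020-05-09 10:05:00", "logon", "WS01", "CORP\\alice", 2),  # interactive
    ("2020-05-09 11:00:00", "logon", "SRV01", "CORP\\helpdesk", 3),
    ("2020-05-09 13:00:00", "logon", "SRV02", "CORP\\helpdesk", 3),
    ("2020-05-09 15:00:00", "logon", "SRV03", "CORP\\helpdesk", 3),
    ("2020-05-09 15:00:30", "process", "SRV03", "CORP\\helpdesk",
     "procdump.exe -ma w3wp.exe out.dmp"),  # dump of another process
]

# Assumption: the dump targets lsass, the usual source of in-memory Windows
# credentials. The post itself only says "procdump".
DUMP_RE = re.compile(r"procdump(64)?(\.exe)?\b.*\blsass", re.I)

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")

def find_spray_and_dump(events, min_hosts=3, window=timedelta(minutes=10)):
    """Flag accounts that made network logons (type 3) to at least min_hosts
    distinct hosts inside `window`, with an lsass dump on one of those hosts."""
    logons = defaultdict(list)  # account -> [(time, host)]
    dumps = defaultdict(list)   # host -> [time of matching command line]
    for ts, kind, host, account, detail in events:
        if kind == "logon" and detail == 3:
            logons[account].append((parse(ts), host))
        elif kind == "process" and DUMP_RE.search(detail):
            dumps[host].append(parse(ts))
    alerts = {}
    for account, seen in logons.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            burst = {h for t, h in seen[i:] if t - start <= window}
            dumped = sorted(h for h in burst
                            if any(start <= d <= start + window for d in dumps[h]))
            if len(burst) >= min_hosts and dumped:
                alerts[account] = {"hosts": sorted(burst), "dumped": dumped}
                break
    return alerts

if __name__ == "__main__":
    print(find_spray_and_dump(EVENTS))
```

Matching on the binary name misses a renamed copy of procdump, so in practice the logon-burst half of the rule is the more durable signal and the command-line half is a confirmation.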