Changelog

Changelog of CrackMapExec


Next major releases of CME will be sponsorware; check this page.

5.1.7dev - U fancy huh ? - 2021-05-30

💫 Features 💫

  • Add module MachineAccountQuota.py: retrieves the MachineAccountQuota domain-level attribute related to the current user

  • Add module get-desc-users: gets the description of each user and searches for passwords in the description

  • Add module mssql_priv: enumerates and exploits MSSQL privileges

  • Add option --password-not-required to retrieve the users with the flag PASSWD_NOTREQD

  • Add custom port for WinRM

🔧 Issues 🔧

  • Fix spelling mistake

5.1.6dev - U fancy huh ? - 2021-03-08

💫 Features 💫

  • Bump lsassy to latest version 2

  • Add new option --amsi-bypass to bypass AMSI with your own custom code

  • Add module LAPS to retrieve all LAPS passwords

  • Add IPv6 support

  • Improve the output when testing null session

  • Remove thirdparty folder


5.1.5dev - U fancy huh ? - 2021-01-21

💫 Features 💫

  • Add better error message on LDAP protocol

  • Add more options to LDAP

    • option --groups

    • option --users

    • option --continue-on-success

  • Add additional Info to LDAP Kerberoasting

    • Account Name

    • Password last set

    • Last logon

    • Member of

🔧 Issues 🔧

  • Fix encoding error

5.1.4dev - U fancy huh ? - 2020-12-01

💫 Features 💫

  • Bump to Impacket v0.9.22

🔧 Issues 🔧

  • Fix issue with --pass-pol for Maximum password age

  • Fix encoding issue with spider option

5.1.3dev - U fancy huh ? - 2020-11-16

💫 Features 💫

  • Switch from gevent to asyncio

  • Shares are now logged in the database and can be queried

  • You can now press enter while a scan is being performed and CME will give you a completion percentage and the number of hosts remaining to scan

🔧 Issues 🔧

  • Rename options EXT and DIR to EXCLUDE_EXTS and EXCLUDE_DIR on spider_plus module

  • Fix MSSQL protocol (command exec with powershell and enum) thanks @Dliv3

  • Fix module Wireless

5.1.1dev - [email protected] - 2020-09-20

💫 Features 💫

  • Switched from Pipenv to Poetry for development and dependency management.

  • Now has Windows binaries!

5.1.0 - [email protected] - 2020-06-25

💫 Features 💫

  • Add LDAP protocol to CME

  • Add Kerberoasting support to CME using the flag --kerberoasting

  • Add ASREPRoasting support to CME using the flag --asreproasting

  • Add AdminCount option to list all users in the domain with property AdminCount=1 using the flag --admin-count, thanks to @ropnop's talk

  • CME can list computers and users with unconstrained delegation enabled using the option --trusted-for-delegation, thanks to @ropnop's talk

  • Add an option to SSH protocol supporting connection using private key thanks to @alxbl

  • Add the option --continue-on-success to the SSH protocol

  • Add new color when the status code of SMB is different from NT_STATUS_LOGON_FAILURE

  • WinRM protocol supports authentication using NTLM hash -H

  • CME now supports Docker!

🔧 Issues 🔧

  • Fix authentication error on SSH protocol thanks to @ippsec report

  • Fix authentication error using --shares options thanks to @ippsec report

  • Improve WinRM output when authentication failed

  • Improve WinRM output when SMB port is open

  • Fix issue with SMB signing required using the flag --continue-on-success

  • Fix issue when using a file as username and a file as hosts: cme smb <file> -u <file> -p <file>

  • Fix debug output when using the --verbose flag on --pass-pol option

  • CME binaries are now compiled for Python3.7 instead of Python3.8, CME is impacket friendly :)

5.0.2 - P3l1as - 2020-05-04

💫 Features 💫

  • CME accepts a file as argument with option -x and -X

  • WinRM can now execute a command even if not local admin thanks to pypsrp lib

  • Kerberos support is added to CME 💥

  • Commands --put-file and --get-file have been added, allowing you to put or get a remote file

  • Option --no-bruteforce has been added, allowing you to spray credentials without bruteforce

  • CME will now always show FQDN 👮

🔧 Issues 🔧

  • Issues with SSH connection are fixed

  • MSSQL and WinRM protocols have been updated, allowing connections even if SMB is not open

  • Fix some encoding problems as always 💩

  • LSASSY module output has been improved when no credentials are found thanks to @Hackndo

  • Encoding problem with GPP_PASSWORD and GPP_AUTOLOGIN should be fixed

🚀 Modules 🚀

  • Both Metasploit and Empire modules are back in the game

  • Module wireless has been added to CME

  • Module bh_owned has been added by @Hackndo, allowing you to send credentials from CME to BloodHound to mark a computer as owned

5.0.1 - P3l1as - 2020-04-20

Fixed dependency issues. Habemus binaries!

5.0.0 - P3l1as - 2020-04-19

🚀 CrackMapExec ported to Python3 by @mpgn_x64 🚀


4.1.0 - Bug Pr0n - 2018-03-22

3.1.5 - Bug Pr0n - 2018-03-22
