rpcmap_py

Command rpcmap_py: Executes rpcmap.py commands to enumerate MSRPC interfaces.

This function allows the user to:

1. Run rpcmap.py with a specified string binding to discover MSRPC interfaces.
2. Filter the output using grep for specific DCOM-related interfaces.
3. Optionally run rpcmap.py with additional flags for brute-forcing opnums and adjusting the authentication level.

Args:
line (str): Optional argument specifying the string binding or additional flags for rpcmap.py.

Returns:
None

Example:
rpcmap_py 'ncacn_ip_tcp:10.10.10.213'
rpcmap_py 'ncacn_ip_tcp:10.10.10.213' -brute-opnums -auth-level 1 -opnum-max 5

serveralive2

Command serveralive2: Uses Impacket to connect to a remote MSRPC interface and retrieves the server bindings.

This function allows the user to:

1. Establish a connection to a remote MSRPC interface using a specified target from self.params["rhost"].
2. Set the authentication level to none.
3. Retrieve and print the network addresses from the server bindings using the IObjectExporter.

Args:
line (str): Unused in this context. The target is derived from self.params["rhost"].

Returns:
None

Example:
serveralive2

john2zip

List all .zip files in the 'sessions' directory, let the user select one, and run the command
zip2john {selected_file} > sessions/hash.txt.
Then, run John the Ripper to crack the hash using the RockYou wordlist with multiple forks.

Parameters:
line (str): An optional string parameter. This can be used for any additional input, though
it's not needed in this specific command.

Returns:
None

createusers_and_hashs

Command createusers_and_hashs: Extracts usernames and hashes from a dump file.

This function opens a nano editor for the user to input the contents of a
file in the format:

username:UID:LM_HASH:NT_HASH:::

Once the data is entered and saved, the function generates:

1. A file named usernames_{rhost}.txt containing all usernames.
2. Individual files named hash_{username}.txt for each user, containing
   the user's LM and NT hash in the format LM_HASH:NT_HASH.

Args:
line (str): Unused parameter, kept for consistency.

Returns:
None

pykerbrute

Command pykerbrute: Automates the installation and execution of PyKerbrute for bruteforcing Active Directory accounts using Kerberos pre-authentication.

This function performs the following tasks:

1. Clones and installs PyKerbrute if not already installed.
2. Allows the user to choose between the EnumADUser.py and ADPwdSpray.py scripts.
3. Executes the selected script with user-defined parameters, including domain, mode (TCP/UDP), and selected hash or password.

Args:
line (str): Optional argument for specifying additional parameters for execution, such as domain controller, domain, and attack mode.

Returns:
None

reg_py

Run reg.py with specified parameters to query the registry.

:param line: Line input for any additional parameters.

:returns: None

Manual execution:
To manually run reg.py, use the following command:

reg.py -hashes :<hash> <domain>/<username>@<target> query -keyName <registry_key>

This function prompts the user for the hash, domain, username, and registry key if they are not already provided.