Skip to content
/ CrackedNTDStoXLSX Public

A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.

6 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

p0dalirius/CrackedNTDStoXLSX

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.github
.github
 
 
CrackedNTDStoXLSX.py
CrackedNTDStoXLSX.py
 
 
README.md
README.md
 
 

Repository files navigation

A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.
GitHub release (latest by date) YouTube Channel Subscribers

Features

  • Authentications:
    • Authenticate with password
    • Authenticate with LM:NT hashes (Pass the Hash)
    • Authenticate with kerberos ticket (Pass the Ticket)
  • Exportable to XLSX format with option --xlsx

Demonstration

This tool takes the output of hashcat

./hashcat -m 1000 ./lab.local.ntds ./wordlists/rockyou.txt --username --show > cracked_ntds.txt

Then you can do:

./CrackedNTDStoXLSX.py -d 'LAB.local' -u 'user' -p 'P@ssw0rd' --dc-ip 10.0.0.101 -n cracked_ntds.txt -x cracked_users.xlsx

Usage

$ ./CrackedNTDStoXLSX.py 
usage: CrackedNTDStoXLSX.py [-h] [--use-ldaps] [-debug] [-a ATTRIBUTES] -x XLSX -n NTDS [--dc-ip ip address] [--kdcHost FQDN KDC] [-d DOMAIN] [-u USER]
                            [--no-pass | -p PASSWORD | -H [LMHASH:]NTHASH | --aes-key hex key] [-k]

A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.

options:
  -h, --help            show this help message and exit
  --use-ldaps           Use LDAPS instead of LDAP
  -debug                Debug mode
  -a ATTRIBUTES, --attribute ATTRIBUTES
                        Attributes to extract.
  -x XLSX, --xlsx XLSX  Output results to an XLSX file.
  -n NTDS, --ntds NTDS  Output results to an XLSX file.

authentication & connection:
  --dc-ip ip address    IP Address of the domain controller or KDC (Key Distribution Center) for Kerberos. If omitted it will use the domain part (FQDN) specified in the identity parameter
  --kdcHost FQDN KDC    FQDN of KDC for Kerberos.
  -d DOMAIN, --domain DOMAIN
                        (FQDN) domain to authenticate to
  -u USER, --user USER  user to authenticate with

  --no-pass             don't ask for password (useful for -k)
  -p PASSWORD, --password PASSWORD
                        password to authenticate with
  -H [LMHASH:]NTHASH, --hashes [LMHASH:]NTHASH
                        NT/LM hashes, format is LMhash:NThash
  --aes-key hex key     AES key to use for Kerberos Authentication (128 or 256 bits)
  -k, --kerberos        Use Kerberos authentication. Grabs credentials from .ccache file (KRB5CCNAME) based on target parameters. If valid credentials cannot be found, it will use the ones specified in the
                        command line

Contributing

Pull requests are welcome. Feel free to open an issue if you want to add other features.

About

A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.

Topics

active-directory xlsx passwords cracked ntds

Resources

Readme
Activity

Stars

6 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 1

1.1 Latest
Mar 2, 2024

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Languages