Spraykatz
Spraykatz Description
Spraykatz is a credential gathering tool for Windows machines and large Active Directory environments. Spraykatz uses other programs to automate the process of extracting passwords and hashes.
On the Windows side, Spraykatz uses ProcDump (a utility from Sysinternals, a suite of programs that Microsoft distributes) to dump the lsass process. To avoid loading specialized tools onto Windows, Spraykatz parses the process dumps remotely, on the Linux machine where the tool is running. This avoids detection by antivirus software as much as possible.
Spraykatz uses slightly modified parts of the following projects:
Do not use Spraykatz in a production environment!
GitHub: https://github.com/aas-n/spraykatz
Author: aas
License: MIT
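Because the workflow described above relies on ProcDump dumping the lsass process on the Windows host, that process creation is a natural place for defenders to look. The following is an added example, not code from Spraykatz or from the original page: a Python check over constructed records shaped like Sysmon Event ID 1 (process creation) fields. The field names, hosts, paths and PIDs are assumptions made for illustration.

```python
from pathlib import PureWindowsPath

PROCDUMP_IMAGES = {"procdump.exe", "procdump64.exe"}
LSASS_NAMES = {"lsass", "lsass.exe"}

# Constructed sample records shaped like Sysmon Event ID 1 (process creation).
# Hosts, paths, PIDs and command lines are invented for this example.
LSASS_PIDS = {"WS01": 712, "WS02": 644, "WS03": 700}
SAMPLE_EVENTS = [
    {"host": "WS01", "image": r"C:\Windows\Temp\procdump64.exe",
     "original_file_name": "procdump",
     "command_line": r"procdump64.exe -accepteula -ma lsass.exe C:\Windows\Temp\d.dmp"},
    {"host": "WS02", "image": r"C:\Users\Public\svc.exe",
     "original_file_name": "procdump",
     "command_line": r"svc.exe -accepteula -ma 644 C:\Users\Public\a.dmp"},
    {"host": "WS03", "image": r"C:\Tools\procdump.exe",
     "original_file_name": "procdump",
     "command_line": r"procdump.exe -ma w3wp.exe C:\Dumps\w3wp.dmp"},
    {"host": "WS01", "image": r"C:\Windows\System32\findstr.exe",
     "original_file_name": "FINDSTR.EXE",
     "command_line": "findstr lsass.exe tasklist.txt"},
]

def is_procdump(event):
    """True for ProcDump by file name, or by PE original name if renamed."""
    name = PureWindowsPath(event["image"]).name.lower()
    return name in PROCDUMP_IMAGES or event.get("original_file_name", "").lower() == "procdump"

def lsass_target(event, lsass_pids):
    """Return how the command line names lsass ('name' or 'pid'), else None."""
    pid = lsass_pids.get(event["host"])
    for token in event["command_line"].split()[1:]:
        token = token.strip('"')
        if PureWindowsPath(token).name.lower() in LSASS_NAMES:
            return "name"
        if token.isdigit() and int(token) == pid:
            return "pid"
    return None

def detect(events, lsass_pids):
    """Return (host, image, how) for every ProcDump run aimed at lsass."""
    hits = []
    for event in events:
        how = lsass_target(event, lsass_pids) if is_procdump(event) else None
        if how:
            hits.append((event["host"], event["image"], how))
    return hits

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS, LSASS_PIDS):
        print(hit)
```

The second sample record shows why the check also looks at the original file name and at the lsass PID: a renamed binary that targets lsass by number would pass a rule that matches only on file name and the string "lsass".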
Spraykatz Help
Usage:
spraykatz.py [-h] -u USERNAME -p PASSWORD -t TARGETS [-d DOMAIN] [-r] [-v {warning,info,debug}] [-w WAIT]
Options:
Optional arguments:
  -h, --help            show this help message and exit

Mandatory Arguments:
  -u USERNAME, --username USERNAME
                        User to spray with. He must have admin rights on targeted systems in order to gain remote code execution.
  -p PASSWORD, --password PASSWORD
                        User's password or NTLM hash in the LM:NT format.
  -t TARGETS, --targets TARGETS
                        IP addresses and/or IP address ranges. You can submit them via a file of targets (one target per line), or inline (separated by commas).

Optional Arguments:
  -d DOMAIN, --domain DOMAIN
                        User's domain. If he is not member of a domain, simply use "-d ." instead.
  -r, --remove          Only try to remove ProcDump and dumps left behind on distant machines. Just in case.
  -v {warning,info,debug}, --verbosity {warning,info,debug}
                        Verbosity mode. Default is info.
  -w WAIT, --wait WAIT  How many seconds Spraykatz waits before exiting gracefully. Default is 180 seconds.
Spraykatz Usage Example
To gather credentials from an Active Directory Domain Controller with an IP address of 192.168.1.72, an administrator named Alex and a password of QWEqwe123:
sudo spraykatz -t 192.168.1.72 -u Alex -p QWEqwe123
How to install Spraykatz
Installation on Kali Linux
sudo apt install git nmap python3-pip
git clone https://github.com/aas-n/spraykatz
cd spraykatz
sudo pip3 install -r requirements.txt
Installation on Debian, Linux Mint, Ubuntu
sudo apt update
sudo apt install -y python3.6 python3-pip git nmap python3-pip
git clone https://github.com/aas-n/spraykatz
cd spraykatz
sudo pip3 install -r requirements.txt
Installation on BlackArch
The program is pre-installed on BlackArch. To install in minimal builds run:
sudo pacman -S spraykatz