Copy the properties and groups of a user or computer from neo4j (bloodhound) to create an identical golden ticket.

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Project description

GoldenCopy

You encounter limitations with your golden tickets (DACLs, detection)? GoldenCopy retrieves all the information (ID, groups, etc) of a specific user in a neo4j database (bloodhound) and prepares the mimikatz/ticketer command to impersonate his permissions.

Installation

GoldenCopy works with python >= 3.6

Using pip

python3 -m pip install GoldenCopy

PyPi repository: https://pypi.org/project/GoldenCopy/

From source

git clone https://github.com/Dramelac/GoldenCopy.git
cd GoldenCopy
python3 setup.py install

Examples

Impersonating 'john@domain.local' using default localhost neo4j (neo4j/exegol4thewin) database:

goldencopy john@domain.local

Impersonating 'DC1' computer using default database connection:

goldencopy 'DC1$'

Custom neo4j DB:

goldencopy -b neo4j.server.local -u neo4juser -p neo4jpass john@domain.local

Adding stealth mode:

goldencopy -b bolt://neo4j.server.local:7687 -u neo4juser -p neo4jpass -s john@domain.local

Using specific tools:

goldencopy -t mimikatz john@domain.local

goldencopy -t ticketer john@domain.local

Usages

usage: goldencopy.py [-h] [-v] [-b BOLT] [-u USERNAME] [-p PASSWORD]
                     [-t {mimikatz,ticketer,all}] [-s] [-k KRBTGT] [-g GROUPS]
                     [--sid SID] [-c CUSTOM]
                     target_user

GoldenCopy - Copy the properties and groups of a user from neo4j to create an
identical golden ticket

positional arguments:
  target_user           Target user to copy (format: <username>[@<domain>])

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Enable verbose logging

Neo4j connection configuration:
  -b BOLT, --bolt BOLT  Neo4j bolt connexion (default: bolt://127.0.0.1:7687)
  -u USERNAME, --username USERNAME
                        Neo4j username (default : neo4j)
  -p PASSWORD, --password PASSWORD
                        Neo4j password (default : exegol4thewin)

Ticket configuration:
  -t {mimikatz,ticketer,all}, --tools {mimikatz,ticketer,all}
                        Ticket creation tools (default : all)
  -s, --stealth         Stealth mode (default : disable)
  -k KRBTGT, --krbtgt KRBTGT
                        KRBTGT RC4,AES Key

Advanced ticket configuration:
  -g GROUPS, --groups GROUPS
                        Manually add extra group ids (can be separated by
                        commas)
  --sid SID             Manually add extra sids (SID history) (can be
                        separated by commas)
  -c CUSTOM, --custom CUSTOM
                        Custom options

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

1.6

May 6, 2024

1.3.4

Sep 6, 2022

1.3.3

Aug 30, 2022

1.3 yanked

Aug 23, 2022

1.2 yanked

Aug 23, 2022

1.1

Feb 25, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

goldencopy-1.6.tar.gz (19.0 kB view hashes)

Uploaded May 6, 2024 Source

Hashes for goldencopy-1.6.tar.gz

Hashes for goldencopy-1.6.tar.gz
Algorithm	Hash digest
SHA256	`33113256a4e514b52e98e8e250e9cb614db42afdb285bd3b1ba9307d8256969b`
MD5	`9641ddab79aa531829041b5f65c295dd`
BLAKE2b-256	`c6f29307ed8f33b1765b66fbd634243511eb58457a7c3427e39230a7abcd5231`