Packages and Binaries:
hekatomb
Hekatomb is a Python script that connects to an LDAP directory to retrieve information on all computers and users. From there, it downloads all DPAPI blobs of all users from all computers and uses the domain backup keys to decrypt them.
Installed size: 63 KB
How to install: sudo apt install hekatomb
Dependencies:
- python3
- python3-chardet
- python3-dnspython
- python3-impacket
- python3-ldap3
- python3-pycryptodome
hekatomb
root@kali:~# hekatomb -h
Because Domain Admin rights are not enough.
Hack them all.
@Processus
v1.5
**************************************************
usage: hekatomb [-h] [-hashes LMHASH:NTHASH] [-pvk PVK] [-dns DNS]
                [-port [port]] [-smb2] [-just-user JUST_USER]
                [-just-computer JUST_COMPUTER] [-md5] [-csv] [-debug]
                [-debugmax]
                target

Script used to automate domain computers and users extraction from LDAP and
extraction of domain controller private key through RPC to collect and decrypt
all users' DPAPI secrets saved in Windows credential manager.

positional arguments:
  target                [[domain/]username[:password]@]<targetName or address
                        of DC>

options:
  -h, --help            show this help message and exit

authentication:
  -hashes LMHASH:NTHASH
                        NTLM hashes, format is LMHASH:NTHASH

authentication:
  -pvk PVK              Domain backup keys file
  -dns DNS              DNS server IP address to resolve computers hostname
  -port [port]          Port to connect to SMB Server
  -smb2                 Force the use of SMBv2 protocol
  -just-user JUST_USER  Test only specified username
  -just-computer JUST_COMPUTER
                        Test only specified computer
  -md5                  Print md5 hash instead of clear passwords

verbosity:
  -csv                  Export results to CSV file
  -debug                Turn DEBUG output ON
  -debugmax             Turn DEBUG output TO MAAAAXXXX
Updated on: 2024-Aug-06