Skip to content

Commit

Permalink
Standardized parse_identity
Browse files Browse the repository at this point in the history
  • Loading branch information
@gabrielg5
gabrielg5 committed Feb 27, 2025
1 parent f53decc commit ef4813a
Show file tree
Hide file tree
Showing 17 changed files with 59 additions and 168 deletions.
11 changes: 2 additions & 9 deletions examples/GetADComputers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
from impacket import version
from impacket.dcerpc.v5.samr import UF_ACCOUNTDISABLE
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.ldap import ldap, ldapasn1
from impacket.smbconnection import SMBConnection, SessionError

Expand Down Expand Up @@ -283,19 +283,12 @@ def run(self):
# Init the example's logger theme
logger.init(options.ts, options.debug)

domain, username, password = parse_credentials(options.target)
domain, username, password, _, _, options.k = parse_identity(options.target, options.hashes, options.no_pass, options.aesKey, options.k)

if domain == '':
logging.critical('Domain should be specified!')
sys.exit(1)

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass
password = getpass("Password:")

if options.aesKey is not None:
options.k = True

try:
executer = GetADComputers(username, password, domain, options)
executer.run()
Expand Down
11 changes: 2 additions & 9 deletions examples/GetADUsers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@
from impacket import version
from impacket.dcerpc.v5.samr import UF_ACCOUNTDISABLE
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.ldap import ldap, ldapasn1
from impacket.smbconnection import SMBConnection, SessionError

Expand Down Expand Up @@ -242,19 +242,12 @@ def run(self):
# Init the example's logger theme
logger.init(options.ts, options.debug)

domain, username, password = parse_credentials(options.target)
domain, username, password, _, _, options.k = parse_identity(options.target, options.hashes, options.no_pass, options.aesKey, options.k)

if domain == '':
logging.critical('Domain should be specified!')
sys.exit(1)

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass
password = getpass("Password:")

if options.aesKey is not None:
options.k = True

try:
executer = GetADUsers(username, password, domain, options)
executer.run()
Expand Down
11 changes: 2 additions & 9 deletions examples/GetLAPSPassword.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_PKT_INTEGRITY, RPC_C_AUTHN_LEVEL_PKT_PRIVACY
from impacket.dpapi_ng import EncryptedPasswordBlob, KeyIdentifier, compute_kek, create_sd, decrypt_plaintext, unwrap_cek
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.ldap import ldap, ldapasn1
from impacket.smbconnection import SMBConnection, SessionError
from pyasn1.codec.der import decoder
Expand Down Expand Up @@ -339,19 +339,12 @@ def run(self):
# Init the example's logger theme
logger.init(options.ts, options.debug)

domain, username, password = parse_credentials(options.target)
domain, username, password, _, _, options.k = parse_identity(options.target, options.hashes, options.no_pass, options.aesKey, options.k)

if domain == '':
logging.critical('Domain should be specified!')
sys.exit(1)

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass
password = getpass("Password:")

if options.aesKey is not None:
options.k = True

try:
executer = GetLAPSPassword(username, password, domain, options)
executer.run()
Expand Down
11 changes: 2 additions & 9 deletions examples/GetNPUsers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
from impacket import version
from impacket.dcerpc.v5.samr import UF_ACCOUNTDISABLE, UF_DONT_REQUIRE_PREAUTH
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.krb5 import constants
from impacket.krb5.asn1 import AS_REQ, KERB_PA_PAC_REQUEST, KRB_ERROR, AS_REP, seq_set, seq_set_iter
from impacket.krb5.kerberosv5 import sendReceive, KerberosError
Expand Down Expand Up @@ -440,19 +440,12 @@ def request_multiple_TGTs(self, usernames):
# Init the example's logger theme
logger.init(options.ts, options.debug)

domain, username, password = parse_credentials(options.target)
domain, username, password, _, _, options.k = parse_identity(options.target, options.hashes, options.no_pass, options.aesKey, options.k)

if domain == '':
logging.critical('Domain should be specified!')
sys.exit(1)

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass
password = getpass("Password:")

if options.aesKey is not None:
options.k = True

if options.k is False and options.no_pass is True and username == '' and options.usersfile is None:
logging.critical('If the -no-pass option was specified, but Kerberos (-k) is not used, then a username or the -usersfile option should be specified!')
sys.exit(1)
Expand Down
12 changes: 2 additions & 10 deletions examples/GetUserSPNs.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@
from impacket.dcerpc.v5.samr import UF_ACCOUNTDISABLE, UF_TRUSTED_FOR_DELEGATION, \
UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.krb5 import constants
from impacket.krb5.asn1 import TGS_REP, AS_REP
from impacket.krb5.ccache import CCache
Expand Down Expand Up @@ -543,7 +543,7 @@ def request_multiple_TGSs(self, usernames):
' a list of SPNs and/or sAMAccountNames to Kerberoast.')
sys.exit(1)

userDomain, username, password = parse_credentials(options.target)
userDomain, username, password, _, _, options.k = parse_identity(options.identity, options.hashes, options.no_pass, options.aesKey, options.k)

if userDomain == '':
logging.critical('userDomain should be specified!')
Expand All @@ -554,14 +554,6 @@ def request_multiple_TGSs(self, usernames):
else:
targetDomain = userDomain

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass

password = getpass("Password:")

if options.aesKey is not None:
options.k = True

if options.save is True or options.outputfile is not None:
options.request = True

Expand Down
20 changes: 6 additions & 14 deletions examples/addcomputer.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@

from impacket import version
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.dcerpc.v5 import samr, epm, transport
from impacket.spnego import SPNEGO_NegTokenInit, TypesMech

Expand Down Expand Up @@ -457,22 +457,14 @@ def run(self):
options = parser.parse_args()

logger.init(options.ts, options.debug)

domain, username, password, _, _, options.k = parse_identity(options.account, options.hashes, options.no_pass, options.aesKey, options.k)

domain, username, password = parse_credentials(options.account)
if domain == '':
logging.critical('Domain should be specified!')
sys.exit(1)

try:
if domain is None or domain == '':
logging.critical('Domain should be specified!')
sys.exit(1)

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass
password = getpass("Password:")

if options.aesKey is not None:
options.k = True


executer = ADDCOMPUTER(username, password, domain, options)
executer.run()
except Exception as e:
Expand Down
2 changes: 1 addition & 1 deletion examples/dacledit.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -742,7 +742,7 @@ def main():
if args.action == "restore" and not args.filename:
logging.critical('-file is required when using -action restore')

domain, username, password, lmhash, nthash = parse_identity(args)
domain, username, password, lmhash, nthash, args.k = parse_identity(args.identity, args.hashes, args.no_pass, args.aesKey, args.k)

try:
ldap_server, ldap_session = init_ldap_session(domain, username, password, lmhash, nthash, args.k, args.dc_ip, args.aesKey, args.use_ldaps)
Expand Down
11 changes: 2 additions & 9 deletions examples/findDelegation.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
from impacket import version
from impacket.dcerpc.v5.samr import UF_ACCOUNTDISABLE, UF_TRUSTED_FOR_DELEGATION, UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.ldap import ldap, ldapasn1
from impacket.ldap import ldaptypes
from impacket.smbconnection import SMBConnection, SessionError
Expand Down Expand Up @@ -313,7 +313,7 @@ def run(self):
# Init the example's logger theme
logger.init(options.ts, options.debug)

userDomain, username, password = parse_credentials(options.target)
userDomain, username, password, _, _, options.k = parse_identity(options.target, options.hashes, options.no_pass, options.aesKey, options.k)

if userDomain == '':
logging.critical('userDomain should be specified!')
Expand All @@ -324,13 +324,6 @@ def run(self):
else:
targetDomain = userDomain

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass
password = getpass("Password:")

if options.aesKey is not None:
options.k = True

try:
executer = FindDelegation(username, password, userDomain, targetDomain, options)
executer.run()
Expand Down
11 changes: 2 additions & 9 deletions examples/getPac.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
from impacket import version
from impacket.dcerpc.v5.rpcrt import TypeSerialization1
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.krb5 import constants
from impacket.krb5.asn1 import AP_REQ, AS_REP, TGS_REQ, Authenticator, TGS_REP, seq_set, seq_set_iter, PA_FOR_USER_ENC, \
EncTicketPart, AD_IF_RELEVANT, Ticket as TicketAsn1
Expand Down Expand Up @@ -312,14 +312,7 @@ def dump(self):
options = parser.parse_args()
logger.init(options.ts, options.debug)

domain, username, password = parse_credentials(options.credentials)

if domain is None:
domain = ''

if password == '' and username != '' and options.hashes is None:
from getpass import getpass
password = getpass("Password:")
domain, username, password, _, _, _ = parse_identity(options.credentials, options.hashes)

try:
dumper = S4U2SELF(options.targetUser, username, password, domain, options.hashes)
Expand Down
20 changes: 6 additions & 14 deletions examples/getST.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@

from impacket import version
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.krb5 import constants, types, crypto, ccache
from impacket.krb5.asn1 import AP_REQ, AS_REP, TGS_REQ, Authenticator, TGS_REP, seq_set, seq_set_iter, PA_FOR_USER_ENC, \
Ticket as TicketAsn1, EncTGSRepPart, PA_PAC_OPTIONS, EncTicketPart
Expand Down Expand Up @@ -799,21 +799,13 @@ def run(self):
# Init the example's logger theme
logger.init(options.ts, options.debug)

domain, username, password = parse_credentials(options.identity)
domain, username, password, _, _, options.k = parse_identity(options.identity, options.hashes, options.no_pass, options.aesKey, options.k)

try:
if domain is None:
logging.critical('Domain should be specified!')
sys.exit(1)

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass

password = getpass("Password:")

if options.aesKey is not None:
options.k = True
if domain == '':
logging.critical('Domain should be specified!')
sys.exit(1)

try:
executer = GETST(username, password, domain, options)
executer.run()
except Exception as e:
Expand Down
27 changes: 10 additions & 17 deletions examples/getTGT.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@

from impacket import version
from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket.krb5.kerberosv5 import getKerberosTGT
from impacket.krb5 import constants
from impacket.krb5.types import Principal
Expand Down Expand Up @@ -102,24 +102,17 @@ def run(self):
# Init the example's logger theme
logger.init(options.ts, options.debug)

domain, username, password = parse_credentials(options.identity)

try:
if domain is None:
logging.critical('Domain should be specified!')
sys.exit(1)

if options.principalType is None:
logging.critical('Invalid principalType!')
sys.exit(1)

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass
password = getpass("Password:")
domain, username, password, _, _, options.k = parse_identity(options.identity, options.hashes, options.no_pass, options.aesKey, options.k)

if domain is None:
logging.critical('Domain should be specified!')
sys.exit(1)

if options.aesKey is not None:
options.k = True
if options.principalType is None:
logging.critical('Invalid principalType!')
sys.exit(1)

try:
executer = GETTGT(username, password, domain, options)
executer.run()
except Exception as e:
Expand Down
14 changes: 2 additions & 12 deletions examples/netview.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@
from time import sleep

from impacket.examples import logger
from impacket.examples.utils import parse_credentials
from impacket.examples.utils import parse_identity
from impacket import version
from impacket.smbconnection import SessionError
from impacket.dcerpc.v5 import transport, wkst, srvs, samr
Expand Down Expand Up @@ -481,19 +481,9 @@ def stop(self):
# Init the example's logger theme
logger.init(options.ts, options.debug)

domain, username, password = parse_credentials(options.identity)
domain, username, password, _, _, options.k = parse_identity(options.identity, options.hashes, options.no_pass, options.aesKey, options.k)

try:
if domain is None:
domain = ''

if password == '' and username != '' and options.hashes is None and options.no_pass is False and options.aesKey is None:
from getpass import getpass
password = getpass("Password:")

if options.aesKey is not None:
options.k = True

executer = USERENUM(username, password, domain, options.hashes, options.aesKey, options.k, options)
executer.run()
except Exception as e:
Expand Down
2 changes: 1 addition & 1 deletion examples/owneredit.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -274,7 +274,7 @@ def main():
if args.action == "restore" and not args.filename:
logging.critical('-file is required when using -action restore')

domain, username, password, lmhash, nthash = parse_identity(args)
domain, username, password, lmhash, nthash, args.k = parse_identity(args.identity, args.hashes, args.no_pass, args.aesKey, args.k)

try:
ldap_server, ldap_session = init_ldap_session(domain, username, password, lmhash, nthash, args.k, args.dc_ip, args.aesKey, args.use_ldaps)
Expand Down
Loading

0 comments on commit ef4813a

Please sign in to comment.