Migration to Python3 #323

Open: wants to merge 9 commits into base: python3


mpgn commented Nov 11, 2019

Don't merge anything yet, this PR is just here to keep you informed of the progress

Progression

  • --shares
  • --sessions
  • --disks
  • --loggedon-users
  • --users
  • --rid-brute
  • --groups
  • --local-groups
  • --pass-pol (local)
  • --pass-pol (domain)
  • -x whoami
  • -X '$PSVersionTable'
  • --sam
  • -H ntlm_hash
  • -u user.txt -p password.txt
  • --gen-relay-list
  • -d domain.local
  • --local-auth
  • --lsa
  • --ntds
  • --ntds-history option already deprecated in CME v4 python2
  • --ntds-pwdLastSe option already deprecated in CME v4 python2
  • --wmi
  • --exec-method smbexec -> not working but I got same result on CME v4 python2
  • --exec-method atexec
  • --exec-method wmiexec
  • --no-output
  • cmedb
  • --spider -> error from impacket lib, issue open fixed SecureAuthCorp/impacket#691

Modules

Modules based on Empire project should be removed since the Empire project is dead and dev in python2. I didn't test them, hope it makes sense.



So far, I migrated the wmiexec.py file and a lot of other stuff just to test how hard it will be to migrate :)

I will continue the work over this week.


How to use this PR?

# clone the python3 branch of the fork (a /tree/<branch> URL cannot be cloned)
git clone --recursive -b python3 https://github.com/mpgn/CrackMapExec
cd CrackMapExec && pipenv install
pipenv shell
cd cmd/thirdparty/impacket # get latest impacket version
git pull origin master
python setup.py install
cd ../pywerview
# since pywerview hasn't merged the PR yet, you have to use the cloned repo
git remote rm origin
git remote add origin https://github.com/mpgn/pywerview
git remote add upstream https://github.com/the-useless-one/pywerview
git pull
python setup.py install
cd ../../../
python setup.py clean --all
python setup.py install
cme

Couple of things @byt3bl33d3r wants to take care of before merging this:

  • Get rid of all of the submodules (This also would mean getting Pywerview on Pypi)
  • Replace Gevent with Asyncio
  • Package CME as a Zipapp with Shiv so people don't have to worry about installing cme in a virtualenv anymore
if self.__retOutput:
try:
logging.debug('Executing remote')
self.execute_remote(data)
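
Review bot: in the `if self.__retOutput:` branch, `logging.debug('Executing remote')` logs a fixed string, so the debug trace cannot tell one call from another; consider including the exec method name or the target host in the message. The handler for the `try:` is not visible in this excerpt, so check that it logs the exception raised by `self.execute_remote(data)` rather than discarding it.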

mpgn Nov 11, 2019

Author

for the purpose of the test, I use execute_remote to get result of my command on Win10.

mpgn added 2 commits Nov 11, 2019
* --shares -> OK
* --sessions -> OK
* --disks -> OK
* --loggedon-users -> OK
* --users -> Not tested
* --rid-brute -> OK
* --groups -> Not tested
* --local-groups -> OK
* --pass-pol -> OK
* -u user.txt
* -p password.txt
* -H hashntlm
mpgn force-pushed the mpgn:python3 branch from 7645369 to d2c477a Nov 11, 2019
mpgn mentioned this pull request Nov 11, 2019

Contributor

awsmhacks commented Nov 11, 2019

yo @mpgn , i've got quite a bit of this figured out (on the smb side) if you want to take a look. https://github.com/awsmhacks/CrackMapExtreme
all the powerview functionality was ported straight into the smb file. Check the enum functions for examples.
https://github.com/awsmhacks/CrackMapExtreme/blob/master/cmx/protocols/smb.py#L1365

Author

mpgn commented Nov 11, 2019

thx @awsmhacks I will look at it :)

So far I didn't encounter much trouble for the migration as CME is well coded. Fingers crossed 💯

Owner

byt3bl33d3r commented Nov 11, 2019

Thanks for the help @mpgn. This is awesome. Can't wait to review it :)

byt3bl33d3r changed the base branch from master to python3 Nov 12, 2019

Owner

byt3bl33d3r commented Nov 12, 2019

Hey @mpgn, i switched the target branch for this PR to python3 so that we can test changes before merging them to master.

error due to :
	python2 => 1 / 2 = 0
	python3 => 1 / 2 = 0.5
	python3 => 1 // 2 = 0

Author

mpgn commented Nov 12, 2019

Just updated pywerview, now options --groups and --users are working like a charm on CME :)

the-useless-one/pywerview@264904b

Author

mpgn commented Nov 12, 2019

@byt3bl33d3r I opened the pull request so people can test this branch 👍

Even the Powershell is working fine:

image

mpgn marked this pull request as ready for review Nov 12, 2019

Owner

byt3bl33d3r commented Nov 12, 2019

@mpgn have you tested cmedb with the new changes by any chance?

Author

mpgn commented Nov 12, 2019

@byt3bl33d3r cmedb next, added to the progression checklist :)

Author

mpgn commented Nov 12, 2019

cmedb should be fine except this function 2cf0c0f#diff-5e2c1aea0aecdc6b5a2ea8ce5d342ea1L64 on the HTTP side that never existed

=== Welcome back cmedb ===


Author

mpgn commented Nov 12, 2019

@byt3bl33d3r quick question, why do you want to replace Gevent with Asyncio?

Owner

byt3bl33d3r commented Nov 12, 2019

1 less dependency :) plus IMHO asyncio would make things a lot simpler.

Author

mpgn commented Nov 13, 2019

I will look at this over the week end :)

EDIT: I checked over asyncio, looks great but too much for me these days

Owner

byt3bl33d3r commented Nov 17, 2019

@mpgn oh i'll take care of that part! (that's what i meant lol) you already did an insane amount

Author

mpgn commented Dec 3, 2019

the issue with the --spider option SecureAuthCorp/impacket#691 has been resolved 👍
