Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems

Related tags

Security related resourcesKCMTicketFormatter
Overview

KCMTicketFormatter

This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for use with Windows systems.

KCMTicketFormatter integrates with https://github.com/fireeye/SSSDKCMExtractor. It takes a payload from the output of the tool and converts it to a properly-formatted CCACHE file.

usage

Requirements:

Usage:

To properly format your input, copy the payload from the SSSDKCMExtractor and paste it into a text file. You will provide this file to the tool with the -f flag.


usage: KCMTicketFormatter.py [-h] -f FILE [-o OUTPUT] [-v]

Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems.

optional arguments:
  -h, --help            show this help message and exit
  -f FILE, --file FILE  <Required> Specify path to the file containing SSSD Raw Kerberos Payload
  -o OUTPUT, --output OUTPUT
                        Specify name of file to output the ccache. Defaults to ticket.ccache
  -v, --verbose         Show debugging messages

Example:

python3 KCMTicketFormatter.py -f payload.txt -o user.ccache
Owner
Black Lantern Security
Security Organization
Black Lantern Security
GitHub Repository
The Multi-Tool Web Vulnerability Scanner.

๐ŸŸฅ RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1

skavngr 1.3k Dec 31, 2022
Security tool to test different bypass of forbidden

notForbidden Security tool to test different bypass of forbidden Usage python3 notForbidden.py URL Features Bypass with different methods (POST, OPT

6 Sep 08, 2022
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

springcore-0day-en These are all my notes from the alleged confirmed! 0day dropped on 2022-03-29. This vulnerability is commonly referred to as "Sprin

Chris Partridge 105 Nov 26, 2022
Separate handling of protected media in Django, with X-Sendfile support

Django Protected Media Django Protected Media is a Django app that manages media that are considered sensitive in a protected fashion. Not only does t

Cobus Carstens 46 Nov 12, 2022
OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

Marco Simioni 13 Jul 13, 2022
If you are worried about being found perhaps try taking cover under a blanket. Pure Python PowerShell Obfuscator

If you are worried about being found perhaps try taking cover under a blanket. Pure Python PowerShell Obfuscator

Ph0tonz 3 Jun 07, 2022
CVE-2021-41773 Path Traversal for Apache 2.4.49

CVE-2021-41773 Path Traversal for Apache 2.4.49

ac1d 3 Oct 20, 2021
NExfil is an OSINT tool written in python for finding profiles by username.

NExfil is an OSINT tool written in python for finding profiles by username. The provided usernames are checked on over 350 websites within few seconds.

thewhiteh4t 1.4k Jan 01, 2023
๐Ÿ‰ไธ€ๆฌพๅŸบไบŽPython-Django็š„ๅคšๅŠŸ่ƒฝWebๅฎ‰ๅ…จๆธ—้€ๆต‹่ฏ•ๅทฅๅ…ท๏ผŒๅŒ…ๅซๆผๆดžๆ‰ซๆ๏ผŒ็ซฏๅฃๆ‰ซๆ๏ผŒๆŒ‡็บน่ฏ†ๅˆซ๏ผŒ็›ฎๅฝ•ๆ‰ซๆ๏ผŒๆ—็ซ™ๆ‰ซๆ๏ผŒๅŸŸๅๆ‰ซๆ็ญ‰ๅŠŸ่ƒฝใ€‚

Sec-Tools ้กน็›ฎไป‹็ป ็ณป็ปŸ็ฎ€ไป‹ ๆœฌ้กน็›ฎๅ‘ฝๅไธบSec-Tools๏ผŒๆ˜ฏไธ€ๆฌพๅŸบไบŽ Python-Django ็š„ๅœจ็บฟๅคšๅŠŸ่ƒฝ Web ๅบ”็”จๆธ—้€ๆต‹่ฏ•็ณป็ปŸ๏ผŒๅŒ…ๅซๆผๆดžๆฃ€ๆต‹ใ€็›ฎๅฝ•่ฏ†ๅˆซใ€็ซฏๅฃๆ‰ซๆใ€ๆŒ‡็บน่ฏ†ๅˆซใ€ๅŸŸๅๆŽขๆต‹ใ€ๆ—็ซ™ๆŽขๆต‹ใ€ไฟกๆฏๆณ„้œฒๆฃ€ๆต‹็ญ‰ๅŠŸ่ƒฝใ€‚ๆœฌ็ณป็ปŸ้€š่ฟ‡ๆ—็ซ™ๆŽขๆต‹ๅ’ŒๅŸŸๅๆŽขๆต‹ๅŠŸ่ƒฝๅฏนๅพ…ๆฃ€ๆต‹็ฝ‘็ซ™่ฟ›่กŒ่ต„ไบงๆ”ถ้›†๏ผŒ้€š่ฟ‡็ซฏ

็ฎ€็ฎ€ 300 Jan 07, 2023
Safe Policy Optimization with Local Features

Safe Policy Optimization with Local Feature (SPO-LF) This is the source-code for implementing the algorithms in the paper "Safe Policy Optimization wi

Akifumi Wachi 6 Jun 05, 2022
Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
Just another script for automatize boolean-based blind SQL injections.

SQL Blind Injection Tool A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwi

RIM 51 Dec 15, 2022
labsecurity is a framework and its use is for ethical hacking and computer security

labsecurity labsecurity is a framework and its use is for ethical hacking and computer security. Warning This tool is only for educational purpose. If

Dylan Meca 16 Dec 08, 2022
telegram bug that discloses user's hidden phone number (still unpatched) (exploit included)

CVE-2019-15514 Type: Information Disclosure Affected Users, Versions, Devices: All Telegram Users Still not fixed/unpatched. brute.py is available exp

Gray Programmerz 66 Dec 08, 2022
Course: Information Security with Python

Curso: Seguranรงa da Informaรงรฃo com Python Curso realizado atravรจs da Plataforma da Digital Innovation One Prof: Bruno Dias Conteรบdo: Introduรงรฃo aos co

Elizeu Barbosa Abreu 1 Nov 28, 2021
VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen

Ashish Kunwar 4 Sep 23, 2022
๐™พ๐š™๐šŽ๐š— ๐š‚๐š˜๐šž๐š›๐šŒ๐šŽ ๐š‚๐šŒ๐š›๐š’๐š™๐š - ๐™ฝ๐š˜ ๐™ฒ๐š˜๐š™๐šข๐š›๐š’๐š๐š‘๐š - ๐šƒ๐šŽ๐šŠ๐š– ๐š†๐š˜๐š›๐š” - ๐š‚๐š’๐š–๐š™๐š•๐šŽ ๐™ฟ๐šข๐š๐š‘๐š˜๐š— ๐™ฟ๐š›๐š˜๐š“๐šŽ๐šŒ๐š - ๐™ฒ๐š›๐šŽ๐šŠ๐š๐šŽ๐š ๐™ฑ๐šข : ๐™ฐ๐š•๐š• ๐šƒ๐šŽ๐šŠ๐š– - ๐™ฒ๐š˜๐š™๐šข๐™ฟ๐šŠ๐šœ๐š ๐™ฒ๐šŠ๐š— ๐™ฝ๐š˜๐š ๐™ผ๐šŠ๐š”๐šŽ ๐šˆ๐š˜๐šž ๐š๐šŽ๐šŠ๐š• ๐™ฟ๐š›๐š˜๐š๐š›๐šŠ๐š–๐š–๐šŽ๐š›

๐™พ๐š™๐šŽ๐š— ๐š‚๐š˜๐šž๐š›๐šŒ๐šŽ ๐š‚๐šŒ๐š›๐š’๐š™๐š - ๐™ฝ๐š˜ ๐™ฒ๐š˜๐š™๐šข๐š›๐š’๐š๐š‘๐š - ๐šƒ๐šŽ๐šŠ๐š– ๐š†๐š˜๐š›๐š” - ๐š‚๐š’๐š–๐š™๐š•๐šŽ ๐™ฟ๐šข๐š๐š‘๐š˜๐š— ๐™ฟ๐š›๐š˜๐š“๐šŽ๐šŒ๐š - ๐™ฒ๐š›๐šŽ๐šŠ๐š๐šŽ๐š ๐™ฑ๐šข : ๐™ฐ๐š•๐š• ๐šƒ๐šŽ๐šŠ๐š– - ๐™ฒ๐š˜๐š™๐šข๐™ฟ๐šŠ๐šœ๐š ๐™ฒ๐šŠ๐š— ๐™ฝ๐š˜๐š ๐™ผ๐šŠ๐š”๐šŽ ๐šˆ๐š˜๐šž ๐š๐šŽ๐šŠ๐š• ๐™ฟ๐š›๐š˜๐š๐š›๐šŠ๐š–๐š–๐šŽ๐š›

CodeX-ID 2 Oct 27, 2022
POC for detecting the Log4Shell (Log4J RCE) vulnerability.

log4shell-poc-py POC for detecting the Log4Shell (Log4J RCE) vulnerability. Run on a system with python3 python3 log4shell-poc.py pathToTargetFile

BCC Risk Advisory 2 Dec 22, 2021
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202

Evi1cg 500 Jan 06, 2023
A simple Outline Server Access Key Copy and Paste Web Interface

Outline Keychain A simple Outline Server Access Key Copy and Paste Web Interface Developed for key and password export and copy & paste for other Shad

Zhe 1 Dec 28, 2021