0xVoodoo
@@ -0,0 +1,14 @@
|
||||
# Katz^2
|
||||
Katz Squared is a small python parser for Mimikatz log files, allowing for username/hash combos to be written to txt files, ready for use with Hashcat (you get the joke yet?) or John.
|
||||
|
||||
---
|
||||
|
||||
Usage: `katz2.py [-h] -f/--file -m/--mode`
|
||||
-
|
||||
**Modes:**
|
||||
- logonpasswords - Used for files containing the output of the mimikatz module of the same name.
|
||||
- cache -- Used for files containing the output of the lsadump::cache mimikatz module
|
||||
---
|
||||
**License:**
|
||||
|
||||
GPLv3 as all good software should be.
|
||||
@@ -0,0 +1,68 @@
|
||||
import argparse
|
||||
|
||||
parser = argparse.ArgumentParser()
|
||||
parser.add_argument("-f", "--file", help="Mimikatz output file", required=True)
|
||||
parser.add_argument("-m", "--mode", help="Mimikatz mode used to obtain the output logonpasswords|cache", required=True)
|
||||
args = parser.parse_args()
|
||||
|
||||
def dump(creds):
|
||||
if isinstance(creds, list) and len(creds) >= 2:
|
||||
username = creds[0]
|
||||
hsh = creds[1]
|
||||
dumpfile = username+".txt"
|
||||
with open(dumpfile, "w+") as df:
|
||||
df.write(hsh)
|
||||
else:
|
||||
pass
|
||||
|
||||
def sekurlsa():
|
||||
filename = args.file
|
||||
creds = []
|
||||
with open(filename) as f:
|
||||
for line in f:
|
||||
if "authentication" in line.lower():
|
||||
dump(creds)
|
||||
creds = []
|
||||
elif "username" in line.lower():
|
||||
username = line.split(":")[1].strip()
|
||||
if username.lower() in creds or username.lower() == "(null)":
|
||||
pass
|
||||
else:
|
||||
creds.append(username.lower())
|
||||
elif "ntlm" in line.lower():
|
||||
ntlm = line.strip().split(":")[1].strip()
|
||||
if ntlm in creds:
|
||||
pass
|
||||
else:
|
||||
creds.append(ntlm)
|
||||
|
||||
def cache():
|
||||
filename = args.file
|
||||
creds = []
|
||||
with open(filename) as f:
|
||||
for line in f:
|
||||
if "nl$" in line.lower():
|
||||
print(creds)
|
||||
dump(creds)
|
||||
creds = []
|
||||
elif "user" in line.lower():
|
||||
username = line.split(":")[1].strip()
|
||||
if username.lower() in creds or username.lower() == "(null)":
|
||||
pass
|
||||
else:
|
||||
creds.append(username.lower())
|
||||
elif "mscachev2" in line.lower():
|
||||
mscache = line.strip().split(":")[1].strip()
|
||||
if mscache in creds:
|
||||
pass
|
||||
else:
|
||||
creds.append(mscache)
|
||||
|
||||
print("[+] Credential pairs written to disk")
|
||||
|
||||
if __name__ == "__main__":
|
||||
match args.mode:
|
||||
case "logonpasswords":
|
||||
sekurlsa()
|
||||
case "cache":
|
||||
cache()
|
||||
Reference in New Issue
Block a user