A new release of CrackMapExec is available! The latest version of CME is now 5.3.0, and all the features from the private version on Porchetta Industries have been merged into the public repository after 6 months.
This post will help you track down all the new updates and fixed issues that have been pushed to CrackMapExec since Porchetta was launched.
But first, let's talk about the CME coins I just received!!!
First, big big kudos to BZHunt, a French company who decided to sponsor this idea I got (they paid for everything).
Second, for now, the coins will be distributed to the contributors of the CME public repository or people like ippsec and 0xdf who, throughout their HTB writeups (and videos), show how CME can be used to achieve something!
I will also do some CME workshops for various infosec events, and a coin will be given to the student who finishes the workshop first! :)
The CrackMapExec public repository is now located at this URL
Now let's talk about the new public features in CrackMapExec.
CrackMapExec now supports the RDP protocol. There is no crappy FreeRDP Python wrapper behind this but the integration of @SkelSec's aardwolf lib:
You can also take a screenshot
New update on the WinRM protocol. CrackMapExec can now get the SAM & LSA secrets:
A new "audit" mode has been added to CrackMapExec, where the password (or nthash) will be replaced by the char of your choice or, why not, your favorite emoji. This is the end of the "I NEED TO BLUR THIS SCREENSHOT" era in your pentest report:
Thanks to @Gianfrancoalongi you should get a bit less stacktrace when performing a large scan... I hope :D
I decided to remove all the repositories added via the recursive command and all the modules where a PowerShell script was loaded, like mimikatz, etc. These modules were deprecated and detected by any AV, so pretty useless.