• Stars
    star
    566
  • Rank 78,774 (Top 2 %)
  • Language
    Python
  • Created over 6 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Password spraying using AWS Lambda for IP rotation

CredKing

Overview

Easily launch a password spray using AWS Lambda across multiple regions, rotating IP addresses with each request.

Brought to you by:

Black Hills Information Security

Benefits

  • Fully supports all AWS Lambda Regions
  • Multi-threaded processing
  • Generates user/password pairs
  • Easily add new plugins
  • Automatically creates execution role and lambdas

Basic Usage

usage: credking.py [-h] --plugin PLUGIN [--threads THREADS] --userfile USERFILE --passwordfile PASSWORDFILE --access_key ACCESS_KEY --secret_access_key SECRET_ACCESS_KEY [--useragentfile USERAGENTFILE]

Arguments:
  -h, --help                            show this help message and exit
  --plugin PLUGIN                       spraying plugin
  --threads THREADS                     thread count (default: 1)
  --userfile USERFILE                   username file
  --passwordfile PASSWORDFILE           password file
  --access_key ACCESS_KEY               aws access key
  --secret_access_key SECRET_ACCESS_KEY aws secret access key
  --useragentfile                       useragent file

Plugin Usage

Gmail

The Gmail plugin does not require any additional arguments.

Okta

The Okta plugin adds a new required argument called oktadomain.

usage: credking.py <usual arugments> --oktadomain org.okta.com

Installation

Ubuntu 16.04

You can install and run automatically using Python 3 with the following command:

$ git clone https://github.com/ustayready/CredKing
$ cd CredKing
~/CredKing$ python3 credking.py

Note that Python 3 is required.

Bug reports, feature requests and patches are welcome.

Development

You can create new plugins by:

$ cd plugins
$ mkdir newplugin
$ cd newplugin
$ touch __init__.py
$ touch newplugin.py

Next, make sure to include the lambda handler function in your newplugin.py:

def lambda_handler(event, context):
	return your_function(event['username'], event['password'])

CredKing generates a deployment zip file which the lambdas receive when they are created. Because of this, CredKing requires the pre-reqs to be installed directly into the newplugin folder. You can accomplish this by:

$ pip install <pre-req> -t .

Plugin specific arguments

Plugin specific arguments can be specified with no modifications to credking.py, simply pass them as --argumentname value

If your plugin requirements plugin-specific arguments, you can implement a validate function in the __init__.py file of your plugin directory that will be passed an dictionary of all optional arguments.

Below is an example of plugin arugment validation used by the okta plugin's __init__.py.

def validate(args):
    if 'oktadomain' in args.keys():
        return True,None
    else:
        error = "Missing oktadomain argument, specify as --oktadomain org.okta.com"
        return False,error

The okta.py lambda_handler function then accesses the oktadomain argument as shown below.

def lambda_handler(event, context):
	domain = event['args']['oktadomain']
	return okta_authenticate(domain, event['username'], event['password'], event['useragent'])

That's it, enjoy!

More Repositories

1

fireprox

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
Python
1,857
star
2

CredSniper

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
HTML
1,310
star
3

SharpHose

Asynchronous Password Spraying Tool in C# for Windows Environments
C#
306
star
4

python-pentesting

Just a repo of random Python scripts to get pentesters started with the Python language on engagements.
Python
209
star
5

golddigger

Python
180
star
6

CasperStager

PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
C#
146
star
7

cloudgpt

Vulnerability scanner for AWS customer managed policies using ChatGPT
Python
141
star
8

wnfexec

WNF Code Execution Library Using C#
C#
108
star
9

ShredHound

Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
Python
81
star
10

DirectAI

ChatGPT queries via OpenAI API in your terminal
Python
60
star
11

CloudBurst

CloudBurst is a red team framework for interacting with cloud providers to capture, compromise, and exfil data.
36
star
12

roguerdp

33
star
13

outpost

AWS Testing and Reporting Management Tool
Python
20
star
14

android-app-recovery

Scripts to parse large Android binary images and extracts deleted data from apps
Python
13
star
15

mavd

Mobile Application Vulnerability Detection
Python
12
star
16

physical-analyzer-scripts

Cellebrite Physical Analyzer python scripts to aid analysts with extended functionality
Python
8
star
17

googlerecon

Google Recon for Pentesting
Python
6
star
18

pynse

NSE to launch Python Scripts
Python
5
star
19

qrwifi

QRCode Wifi Generator
Python
3
star
20

forensicpy

Library for performing mobile device decoding for nibbles and 7-bit decoding
Python
3
star
21

pyslite

Script for performing SQLite database to Excel workbook conversions
Python
3
star
22

XtoTwitter

JavaScript
2
star
23

polk-sheriff-arrests

Downloads all the arrests from 1990-2017 from Polk County Sheriffs Office
Python
2
star
24

digraph

A digraph plotter for sequential byte visualization
Python
2
star
25

ipsubcon

IP Subnet Converter
Python
1
star
26

stayready.github.io

Personal Github IO Website
HTML
1
star
27

CasperWNF

Simple UI for creating, subscribing, updating, querying, and fuzzing Windows WNF state names.
1
star