Added kirbi2john.py by Michael Kramer (https://github.com/magnumrippe…

…r/JohnTheRipper/blob/bleeding-jumbo/run/kirbi2john.py
kenizhou · Oct 7, 2015 · f9ce2ed · f9ce2ed
1 parent d8c86bd
commit f9ce2ed
Show file tree

Hide file tree

Showing 2 changed files with 130 additions and 130 deletions.
diff --git a/GetUserSPNs.ps1 b/GetUserSPNs.ps1
@@ -1,37 +1,37 @@
-# Edits by Tim Medin
-# File:     GetUserSPNS.ps1
-# Contents: Query the domain to find SPNs that use User accounts
-# Comments: This is for use with Kerberoast https://github.com/nidem/kerberoast
-#           The password hash used with Computer accounts are infeasible to 
-#           crack; however, if the User account associated with an SPN may have
-#           a crackable password. This tool will find those accounts. You do not
-#           need any special local or domain permissions to run this script. 
-#           This script on a script supplied by Microsoft (details below).
-# History:    2014/11/12     Tim Medin    Created
-
-[CmdletBinding()]
-Param(
-  [Parameter(Mandatory=$False,Position=1)] [string]$GCName,
-  [Parameter(Mandatory=$False)] [string]$Filter
-)
-
-$GCs = @()
-
-If ($GCName) {
-  $GCs += $GCName
-} else { # find them
-  $ForestInfo = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
-  $CurrentGCs = $ForestInfo.FindAllGlobalCatalogs()
-  ForEach ($GC in $CurrentGCs) {
+# Edits by Tim Medin
+# File:     GetUserSPNS.ps1
+# Contents: Query the domain to find SPNs that use User accounts
+# Comments: This is for use with Kerberoast https://github.com/nidem/kerberoast
+#           The password hash used with Computer accounts are infeasible to 
+#           crack; however, if the User account associated with an SPN may have
+#           a crackable password. This tool will find those accounts. You do not
+#           need any special local or domain permissions to run this script. 
+#           This script on a script supplied by Microsoft (details below).
+# History:    2014/11/12     Tim Medin    Created
+
+[CmdletBinding()]
+Param(
+  [Parameter(Mandatory=$False,Position=1)] [string]$GCName,
+  [Parameter(Mandatory=$False)] [string]$Filter
+)
+
+$GCs = @()
+
+If ($GCName) {
+  $GCs += $GCName
+} else { # find them
+  $ForestInfo = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
+  $CurrentGCs = $ForestInfo.FindAllGlobalCatalogs()
+  ForEach ($GC in $CurrentGCs) {
     #$GCs += $GC.Name
-    $GCs += $ForestInfo.ApplicationPartitions[0].SecurityReferenceDomain
-  }
-}
-
-if (-not $GCs) {
-  # no Global Catalogs Found
-  Write-Host "No Global Catalogs Found!"
-  Exit
+    $GCs += $ForestInfo.ApplicationPartitions[0].SecurityReferenceDomain
+  }
+}
+
+if (-not $GCs) {
+  # no Global Catalogs Found
+  Write-Host "No Global Catalogs Found!"
+  Exit
 }
 
 <#
@@ -71,8 +71,8 @@ objectsid                      {1 5 0 0 0 0 0 5 21 0 0 0 191 250 179 30 180 59 1
 objectguid                     {101 165 206 61 61 201 88 69 132 246 108 227 231 47 109 102}
 objectcategory                 {CN=Person,CN=Schema,CN=Configuration,DC=medin,DC=local}
 usncreated                     {57551}
-#>
-
+#>
+
 ForEach ($GC in $GCs) {
     $searcher = New-Object System.DirectoryServices.DirectorySearcher
     $searcher.SearchRoot = "LDAP://" + $GC
@@ -102,4 +102,4 @@ ForEach ($GC in $GCs) {
                 #@{Name="DistinguishedName";    Expression={$result.Properties["distinguishedname"][0].ToString()} }
           }
     }
-}
+}
diff --git a/GetUserSPNs.vbs b/GetUserSPNs.vbs
@@ -1,95 +1,95 @@
-' Edits by Tim Medin
-' File:     GetUserSPNS.vbs
-' Contents: Query the domain to find SPNs that use User accounts
-' Comments: This is for use with Kerberoast https://github.com/nidem/kerberoast
-'           The password hash used with Computer accounts are infeasible to 
-'           crack; however, if the User account associated with an SPN may have
-'           a crackable password. This tool will find those accounts. You do not
-'           need any special local or domain permissions to run this script. 
-'           This script on a script supplied by Microsoft (details below).
-' History:    2014/11/12     Tim Medin    Created
-'
-' Original Script Details:
-' Copyright (c) Microsoft Corporation 2004 -
-' File:                querySpn.vbs
-' Contents:     Query a given SPN in a given forest to find the owners
-' History:         7/7/2004     Craig Wiand     Created        
-
-Option Explicit         
-Dim oConnection, oCmd, oRecordSet
-Dim oGC, oNSP
-Dim strGCPath, strClass, strADOQuery
-Dim vObjClass, vSPNs, vName
-
-ParseCommandLine()
-
-'--- Set up the connection ---
-Set oConnection = CreateObject("ADODB.Connection")
-Set oCmd = CReateObject("ADODB.Command")
-oConnection.Provider = "ADsDSOObject"
-oConnection.Open "ADs Provider"
-Set oCmd.ActiveConnection = oConnection
-oCmd.Properties("Page Size") = 1000
-
-'--- Build the query string ---
-strADOQuery = "<" + strGCPath + ">;(&(!objectClass=computer)(servicePrincipalName=*));" & _
-        "dnsHostName,distinguishedName,servicePrincipalName,objectClass," & _
-                "samAccountName;subtree"
-oCmd.CommandText = strADOQuery
-
-'--- Execute the query for the object in the directory ---
-Set oRecordSet = oCmd.Execute
-If oRecordSet.EOF and oRecordSet.Bof Then
-  Wscript.Echo "No SPNs found!"
-  Wscript.Quit 0
-End If
-
-While Not oRecordset.Eof
-  Wscript.Echo oRecordset.Fields("distinguishedName")
-  'vObjClass = oRecordset.Fields("objectClass")
-  'strClass = vObjClass( UBound(vObjClass) )
-  'Wscript.Echo "Class: " & strClass
-  If UCase(strClass) = "COMPUTER" Then
-    Wscript.Echo "Computer DNS: " & oRecordset.Fields("dnsHostName")
-  Else
-    Wscript.Echo "User Logon: " & oRecordset.Fields("samAccountName")
-  End If
-
-  '--- Display the SPNs on the object --- 
-  vSPNs = oRecordset.Fields("servicePrincipalName")
-  For Each vName in vSPNs
-    Wscript.Echo "-- " + vName
-  Next
-  Wscript.Echo
-  oRecordset.MoveNext
-Wend
-
-oRecordset.Close
-oConnection.Close
-
-Sub ShowUsage()
-     Wscript.Echo " USAGE:        " & WScript.ScriptName & " SpnToFind [GC Servername or Forestname]"
-     Wscript.Echo
-     Wscript.Echo "                     " & WScript.ScriptName
-     Wscript.Echo "                     " & WScript.ScriptName & " Corp.com"
-     Wscript.Quit 0
-End Sub
-
-Sub ParseCommandLine()
-  If WScript.Arguments.Count = 1 Then
-    If WScript.Arguments(0) = "-h" Or WScript.Arguments(0) = "--help" Or WScript.Arguments(0) = "-?" Or WScript.Arguments(0) = "/?" Then
-        ShowUsage()
-    Else
-      strGCPath = "GC://" & WScript.Arguments(1)
-    End If
-  ElseIf WScript.Arguments.Count = 0 Then
-    ' Set the GC
-    Set oNSP = GetObject("GC:")
-    For Each oGC in oNSP
-        strGCPath = oGC.ADsPath
-    Next
-  Else
-      ShowUsage()
-  End If
-
+' Edits by Tim Medin
+' File:     GetUserSPNS.vbs
+' Contents: Query the domain to find SPNs that use User accounts
+' Comments: This is for use with Kerberoast https://github.com/nidem/kerberoast
+'           The password hash used with Computer accounts are infeasible to 
+'           crack; however, if the User account associated with an SPN may have
+'           a crackable password. This tool will find those accounts. You do not
+'           need any special local or domain permissions to run this script. 
+'           This script on a script supplied by Microsoft (details below).
+' History:    2014/11/12     Tim Medin    Created
+'
+' Original Script Details:
+' Copyright (c) Microsoft Corporation 2004 -
+' File:                querySpn.vbs
+' Contents:     Query a given SPN in a given forest to find the owners
+' History:         7/7/2004     Craig Wiand     Created        
+
+Option Explicit         
+Dim oConnection, oCmd, oRecordSet
+Dim oGC, oNSP
+Dim strGCPath, strClass, strADOQuery
+Dim vObjClass, vSPNs, vName
+
+ParseCommandLine()
+
+'--- Set up the connection ---
+Set oConnection = CreateObject("ADODB.Connection")
+Set oCmd = CReateObject("ADODB.Command")
+oConnection.Provider = "ADsDSOObject"
+oConnection.Open "ADs Provider"
+Set oCmd.ActiveConnection = oConnection
+oCmd.Properties("Page Size") = 1000
+
+'--- Build the query string ---
+strADOQuery = "<" + strGCPath + ">;(&(!objectClass=computer)(servicePrincipalName=*));" & _
+        "dnsHostName,distinguishedName,servicePrincipalName,objectClass," & _
+                "samAccountName;subtree"
+oCmd.CommandText = strADOQuery
+
+'--- Execute the query for the object in the directory ---
+Set oRecordSet = oCmd.Execute
+If oRecordSet.EOF and oRecordSet.Bof Then
+  Wscript.Echo "No SPNs found!"
+  Wscript.Quit 0
+End If
+
+While Not oRecordset.Eof
+  Wscript.Echo oRecordset.Fields("distinguishedName")
+  'vObjClass = oRecordset.Fields("objectClass")
+  'strClass = vObjClass( UBound(vObjClass) )
+  'Wscript.Echo "Class: " & strClass
+  If UCase(strClass) = "COMPUTER" Then
+    Wscript.Echo "Computer DNS: " & oRecordset.Fields("dnsHostName")
+  Else
+    Wscript.Echo "User Logon: " & oRecordset.Fields("samAccountName")
+  End If
+
+  '--- Display the SPNs on the object --- 
+  vSPNs = oRecordset.Fields("servicePrincipalName")
+  For Each vName in vSPNs
+    Wscript.Echo "-- " + vName
+  Next
+  Wscript.Echo
+  oRecordset.MoveNext
+Wend
+
+oRecordset.Close
+oConnection.Close
+
+Sub ShowUsage()
+     Wscript.Echo " USAGE:        " & WScript.ScriptName & " SpnToFind [GC Servername or Forestname]"
+     Wscript.Echo
+     Wscript.Echo "                     " & WScript.ScriptName
+     Wscript.Echo "                     " & WScript.ScriptName & " Corp.com"
+     Wscript.Quit 0
+End Sub
+
+Sub ParseCommandLine()
+  If WScript.Arguments.Count = 1 Then
+    If WScript.Arguments(0) = "-h" Or WScript.Arguments(0) = "--help" Or WScript.Arguments(0) = "-?" Or WScript.Arguments(0) = "/?" Then
+        ShowUsage()
+    Else
+      strGCPath = "GC://" & WScript.Arguments(1)
+    End If
+  ElseIf WScript.Arguments.Count = 0 Then
+    ' Set the GC
+    Set oNSP = GetObject("GC:")
+    For Each oGC in oNSP
+        strGCPath = oGC.ADsPath
+    Next
+  Else
+      ShowUsage()
+  End If
+
 End Sub