Closed maaaaz closed 8 years ago
@maaaaz I agree this would be useful, I don't know how well impacket plays with pyinstaller or py2exe will have to do some testing
Cool, let us know !
Hey @byt3bl33d3r,
I performed some tests and it seems that:
First, in order to port your script, you need to:
os.geteuid()
does not exist on Windowsfrom termcolor import cprint, colored
to
from termcolor import cprint, colored
import colorama
colorama.init()
Take a look at the following link for more information on that topic.
Then, to bundle the script as a standalone PE file:
pip install --upgrade -r requirements.txt
and also now colorama pip install colorama
pyinstaller
core modulepip install pyinstaller
pyinstaller --clean --onefile crackmapexec.py
: I haven't checked more advanced options for compression, custom icon etc.dist
folderI was also able to produce a single ELF executable from a Linux environment and it also worked flawlessly :)
Cheers
@maaaaz awesome! will test this later today, thanks!
@maaaaz I successfully compiled a binary in Wine and a Windows VM. I don't plan on distributing pre-compiled binaries but will probably add this in the README as a reference for anyone who wants to build it.
Okay great!
Would it bother you if I distribute pre-compiled binaries on a repo I created ? Would it bother you if I name it crackmapexecwin ? I would totally understand that you declining it.
@maaaaz as long as you include a link to the original project in the readme i'm fine with it
Cool ! For sure there'll be a link to your project.
I'll let you know about the opening.
Hey @byt3bl33d3r,
As promised, here is the Windows compiled version of CrackMapExec: https://github.com/maaaaz/CrackMapExecWin
You can find the patched-and-ported version in the _src
folder.
I took the liberty to take your avatar for the PE icon :)
Keep up the good work mate, I'll try to report as much bugs as I could experience (and bring ideas) in order to improve that great tool.
Cheers.
@maaaaz Awesome, should be easier for you now too since windows is supported ;)
I have a problem, the generated exe does nothing. Any suggestion?
C:\tools\CrackMapExec\cme>pyinstaller --clean --onefile --debug crackmapexec.py
98 INFO: PyInstaller: 3.3
101 INFO: Python: 2.7.10
101 INFO: Platform: Windows-7-6.1.7601-SP1
105 INFO: wrote C:\tools\CrackMapExec\cme\crackmapexec.spec
110 INFO: UPX is not available.
111 INFO: Removing temporary files and cleaning cache in C:\Users\kmax\AppData\Roaming\pyinstaller
134 INFO: Extending PYTHONPATH with paths
['C:\\tools\\CrackMapExec', 'C:\\tools\\CrackMapExec\\cme']
137 INFO: checking Analysis
138 INFO: Building Analysis because out00-Analysis.toc is non existent
140 INFO: Initializing module dependency graph...
144 INFO: Initializing module graph hooks...
217 INFO: running Analysis out00-Analysis.toc
222 INFO: Adding Microsoft.VC90.CRT to dependent assemblies of final executable
required by C:\Python27\python.exe
305 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.manifest
308 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.manifest
311 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f47e1bd6f6571810.manifest
312 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_f47ed0f6f6564d90.manifest
315 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_f480bfaef65491a5.manifest
401 INFO: Searching for assembly x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_none ...
403 INFO: Found manifest C:\Windows\WinSxS\Manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.manifest
407 INFO: Searching for file msvcr90.dll
407 INFO: Found file C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
410 INFO: Searching for file msvcp90.dll
411 INFO: Found file C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
413 INFO: Searching for file msvcm90.dll
414 INFO: Found file C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
490 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.manifest
493 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.manifest
496 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f47e1bd6f6571810.manifest
500 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_f47ed0f6f6564d90.manifest
502 INFO: Found C:\Windows\WinSxS\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_f480bfaef65491a5.manifest
503 INFO: Adding redirect Microsoft.VC90.CRT version (9, 0, 21022, 8) -> (9, 0, 30729, 6161)
650 INFO: Caching module hooks...
659 INFO: Analyzing C:\tools\CrackMapExec\cme\crackmapexec.py
3016 INFO: Processing pre-safe import module hook _xmlplus
5344 INFO: Processing pre-find module path hook distutils
5588 INFO: Loading module hooks...
5591 INFO: Loading module hook "hook-distutils.py"...
5592 INFO: Loading module hook "hook-xml.py"...
5595 INFO: Loading module hook "hook-httplib.py"...
5598 INFO: Loading module hook "hook-gevent.monkey.py"...
7689 INFO: Loading module hook "hook-encodings.py"...
8404 INFO: Loading module hook "hook-sqlite3.py"...
8483 INFO: Loading module hook "hook-sysconfig.py"...
8486 INFO: Loading module hook "hook-_tkinter.py"...
8623 INFO: checking Tree
8625 INFO: Building Tree because out00-Tree.toc is non existent
8626 INFO: Building Tree out00-Tree.toc
8864 INFO: checking Tree
8865 INFO: Building Tree because out01-Tree.toc is non existent
8868 INFO: Building Tree out01-Tree.toc
8919 INFO: Looking for ctypes DLLs
8963 INFO: Analyzing run-time hooks ...
8972 INFO: Including run-time hook 'pyi_rth__tkinter.py'
8986 INFO: Looking for dynamic libraries
9480 INFO: Looking for eggs
9482 INFO: Using Python library C:\Windows\system32\python27.dll
9483 INFO: Found binding redirects:
[BindingRedirect(name=u'Microsoft.VC90.CRT', language=None, arch=u'x86', oldVersion=(9, 0, 21022, 8), newVersion=(9, 0, 30729, 6161), publicKeyToken=u'1fc8b3b9a1e18e3b')]
9490 INFO: Warnings written to C:\tools\CrackMapExec\cme\build\crackmapexec\warncrackmapexec.txt
9565 INFO: Graph cross-reference written to C:\tools\CrackMapExec\cme\build\crackmapexec\xref-crackmapexec.html
9873 INFO: checking PYZ
9875 INFO: Building PYZ because out00-PYZ.toc is non existent
9876 INFO: Building PYZ (ZlibArchive) C:\tools\CrackMapExec\cme\build\crackmapexec\out00-PYZ.pyz
10755 INFO: Building PYZ (ZlibArchive) C:\tools\CrackMapExec\cme\build\crackmapexec\out00-PYZ.pyz completed successfully.
10851 INFO: checking PKG
10854 INFO: Building PKG because out00-PKG.toc is non existent
10855 INFO: Building PKG (CArchive) out00-PKG.pkg
10897 INFO: Redirecting Microsoft.VC90.CRT version (9, 0, 21022, 8) -> (9, 0, 30729, 6161)
10900 INFO: Updating manifest in C:\Users\kmax\AppData\Roaming\pyinstaller\bincache00_py27_32bit\python27.dll
10901 INFO: Updating resource type 24 name 2 language 1033
10998 INFO: Updating manifest in C:\Users\kmax\AppData\Roaming\pyinstaller\bincache00_py27_32bit\sqlite3.dll
11000 INFO: Updating resource type 24 name 2 language 1033
11019 INFO: Redirecting Microsoft.VC90.CRT version (9, 0, 21022, 8) -> (9, 0, 30729, 6161)
11022 INFO: Updating manifest in C:\Users\kmax\AppData\Roaming\pyinstaller\bincache00_py27_32bit\tcl85.dll
11024 INFO: Updating resource type 24 name 2 language 1033
11044 INFO: Updating manifest in C:\Users\kmax\AppData\Roaming\pyinstaller\bincache00_py27_32bit\tk85.dll
11047 INFO: Updating resource type 24 name 1 language 1033
11055 INFO: Redirecting Microsoft.VC90.CRT version (9, 0, 21022, 8) -> (9, 0, 30729, 6161)
11059 INFO: Updating manifest in C:\Users\kmax\AppData\Roaming\pyinstaller\bincache00_py27_32bit\tk85.dll
11062 INFO: Updating resource type 24 name 2 language 1033
11111 INFO: Redirecting Microsoft.VC90.CRT version (9, 0, 21022, 8) -> (9, 0, 30729, 6161)
13518 INFO: Building PKG (CArchive) out00-PKG.pkg completed successfully.
13776 INFO: Bootloader C:\Python27\lib\site-packages\PyInstaller\bootloader\Windows-32bit\run_d.exe
13779 INFO: checking EXE
13779 INFO: Building EXE because out00-EXE.toc is non existent
13781 INFO: Building EXE from out00-EXE.toc
13785 INFO: Appending archive to EXE C:\tools\CrackMapExec\cme\dist\crackmapexec.exe
13799 INFO: Building EXE from out00-EXE.toc completed successfully.```
Trying to execute the result exe:
C:\tools\CrackMapExec\cme>cd dist
C:\tools\CrackMapExec\cme\dist>crackmapexec.exe
[376] PyInstaller Bootloader 3.x
[376] LOADER: executable is C:\tools\CrackMapExec\cme\dist\crackmapexec.exe
[376] LOADER: homepath is C:\tools\CrackMapExec\cme\dist
[376] LOADER: _MEIPASS2 is NULL
[376] LOADER: archivename is C:\tools\CrackMapExec\cme\dist\crackmapexec.exe
[376] LOADER: Extracting binaries
[376] LOADER: Executing self as child
[376] LOADER: set _MEIPASS2 to C:\Users\kmax\AppData\Local\Temp\_MEI3762
[376] LOADER: Setting up to run child
[376] LOADER: Creating child process
[376] LOADER: Waiting for[ 3c7h1i6l]d PpyrIoncsetsasl lteor fBionoitslho.a.d.e
r 3.x
[3716] LOADER: executable is C:\tools\CrackMapExec\cme\dist\crackmapexec.exe
[3716] LOADER: homepath is C:\tools\CrackMapExec\cme\dist
[3716] LOADER: _MEIPASS2 is C:\Users\kmax\AppData\Local\Temp\_MEI3762
[3716] LOADER: archivename is C:\tools\CrackMapExec\cme\dist\crackmapexec.exe
[3716] LOADER: SetDllDirectory(C:\Users\kmax\AppData\Local\Temp\_MEI3762)
[3716] LOADER: Already in the child - running user's code.
[3716] LOADER: manifestpath: C:\Users\kmax\AppData\Local\Temp\_MEI3762\crackmapexec.exe.manifest
[3716] LOADER: Activation context created
[3716] LOADER: Activation context activated
[3716] LOADER: Python library: C:\Users\kmax\AppData\Local\Temp\_MEI3762\python27.dll
[3716] LOADER: Loaded functions from Python library.
[3716] LOADER: Manipulating environment (sys.path, sys.prefix)
[3716] LOADER: sys.prefix is C:\Users\kmax\AppData\Local\Temp\_MEI3762
[3716] LOADER: Setting runtime options
[3716] LOADER: Bootloader option: pyi-windows-manifest-filename crackmapexec.exe.manifest
[3716] LOADER: Initializing python
[3716] LOADER: Overriding Python's sys.path
[3716] LOADER: Post-init sys.path is C:\Users\kmax\AppData\Local\Temp\_MEI3762
[3716] LOADER: Setting sys.argv
[3716] LOADER: setting sys._MEIPASS
[3716] LOADER: importing modules from CArchive
[3716] LOADER: extracted struct
[3716] LOADER: callfunction returned...
[3716] LOADER: extracted pyimod01_os_path
[3716] LOADER: callfunction returned...
[3716] LOADER: extracted pyimod02_archive
[3716] LOADER: callfunction returned...
[3716] LOADER: extracted pyimod03_importers
[3716] LOADER: callfunction returned...
[3716] LOADER: Installing PYZ archive with Python modules.
[3716] LOADER: PYZ archive: out00-PYZ.pyz
[3716] LOADER: Running pyiboot01_bootstrap.py
[3716] LOADER: Running pyi_rth__tkinter.py
[3716] LOADER: Running crackmapexec.py
[3716] LOADER: OK.
[3716] LOADER: Cleaning up Python interpreter.
[376] LOADER: Back to parent (RC: 0)
[376] LOADER: Doing cleanup
[376] LOADER: Freeing archive status for C:\tools\CrackMapExec\cme\dist\crackmapexec.exe
C:\tools\CrackMapExec\cme\dist>
Hello there,
It would be nice that whether you could bundle your tool in an all-in-one executable, in order to be able to easily deploy it on compromised Windows targets (for pivoting purposes etc.).
Have a look at the bottom of the README of patator to see some tricks for bundling it!
Cheers.