keimpx is an open source utility released under the Apache License 2.0.
It can be used to quickly check a network for valid credentials over SMB. Credentials can take any of the following forms:
- Combination of user / NTLM logon session token.
- Combination of user / NTLM hash.
- Combination of user / plain-text password.
After the attack phase, if any valid credentials are found on the network, the user is prompted to select which host to connect to and which valid credentials to use. They are then given access to an interactive SMB shell, which allows them to:
- Spawn an interactive command prompt.
- Browse through the remote SMB shares: list, upload, download, create, and remove files, etc.
- Launch and deactivate their own services, such as a backdoor listening for incoming connections on a TCP port.
- List the names of the users, their domains, and the password policy.
The tool is intended strictly for educational use and should not be used for any other purpose.
Download Link: https://github.com/nccgroup/keimpx