A modular software for hacking offline Home windows filesystems and bypassing login screens. Can do hashdumps, OSK-Backdoors, consumer enumeration and extra.
When a Home windows machine is shut down, until it has Bitlocker or one other encryption service enabled, it is storage machine incorporates all the things saved on the machine as if it was unlocked. This implies which you can boot from an working system on a bootable USB and entry it is recordsdata – and even simply join the filesystem to a different laptop.
This software helps for when you possibly can entry the Home windows filesystem from Linux (utilizing one of many talked about strategies); it has utilities that may dump NTLM password hashes, record customers, set up backdoors to spawn an elevated command immediate on the login display screen and extra.
Present Modules:
1. hashdump.py – Dumps NTLM hashes from the goal Home windows filesystem
2. osk_backdoor.py – Backdoor osk.exe to bypass the login; additionally contains an ‘unbackdoor’ module
3. list_users.py – Listing the customers with a profile on the Home windows filesystem
4. chrome.py – Dump chrome historical past and login information of all customers on the Home windows filesystem
5. get_dpapi_masterkeys.py – Dump DPAPI grasp keys from the Home windows filesystem
6. enum_unattend.py – Enumerate unattend recordsdata
7. memory_strings.py – Search by means of the reminiscence of the pc to search out information
8. startup.py – Inject a program right into a consumer’s startup listing
9. wifi.py – Get Wi-Fi passwords with DPAPI
‘record’ : Listing all storage gadgets at /dev/ with a format of MSDOS, NTFS or -FVE-FS- (BITLOCKER) ; This can load the drive paths into reminiscence
‘usedrive’ : Set the drive to make use of; can use numbers assigned from the ‘record’ command
‘modules’ : Listing modules ; This can load the module names into reminiscence, so you should run this command earlier than deciding on a module
‘use’ : Use the chosen module
(must run as root as a result of PyPyKatz’ import path listing relies on the present consumer, and this must run as root)
sudo pip3 set up -r necessities.txt
sudo python3 tofu.py
Constructed With :
Warning : For those who’re writing a module, ensure it will not do any injury earlier than working it
