Update python

.gitignore

@@ -2,4 +2,160 @@
 *usernames.txt
 *passwords.txt
 logs/*
-passpr3y_output.txt
+passpr3y_*.txt
+
+.vscode
+logs/
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#  JetBrains specific template is maintainted in a separate JetBrains.gitignore that can
+#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#  and can be added to the global gitignore or merged into this file.  For a more nuclear
+#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
+#.idea/

README.md

@@ -5,13 +5,14 @@
 This is a fire-and-forget long-running password spraying tool. You hand it a list of usernames and passwords and walk away. It will perform a horizontal login attack while keeping in mind lockout times, erroneous responses, etc... Set it up on your attack box at the beginning of an assessment and check back for creds gradually over time. Output is intended to be easy to read through and grep. Focus is on simplicity.
 
 ## Requirements
-This tool requires Python 3 and was written with Python 3.6 in mind. Refer to the file header for any needed modules.
+This tool requires Python 3.
 
 ## Usage
 
 * Run `git clone https://github.com/depthsecurity/passpr3y.git`.
 * Run `chmod 755 passpr3y`.
-* Create a users file containing all users you'd like you spray. Name the file `usernames.txt`.
+* `pip install -r requirements.txt`
+* Create a users file containing all users you'd like you spray. Name the file `usernames.txt`. The usernames should be in the format `domain\username`.
 * Create a passwords file containing all the passwords you'd like to attempt, such as Summer2018. Name the file `passwords.txt`.
 * Create a requests file that uses the Burp proxy request format. Simply copy over the request to a file called `request.txt`.
 * In request.txt, replace the username parameter you would like to spray with `USERPR3Y`.

passpr3y.py

@@ -1,4 +1,4 @@
-#!/usr/bin/python3.6
+#!/usr/bin/python3
 
 # 1. This program comes with no promises, warranties, or apologies. 
 # 2. Use this program at your own risk and responsibility.
@@ -10,6 +10,7 @@
 
 import argparse
 import collections
+from typing import Collection, List
 import requests
 from requests_ntlm import HttpNtlmAuth
 from smb.SMBConnection import SMBConnection
@@ -30,8 +31,8 @@
 streamtologger.redirect(target="./passpr3y_output.txt")
 
 # Get rid of dem warnings, this a gottam hak tool
-from requests.packages.urllib3.exceptions import InsecureRequestWarning
-requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+import urllib3
+urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
 
 # Disable logging from pysmb
 logging.getLogger('SMB').setLevel(logging.CRITICAL)
@@ -50,6 +51,15 @@
     with open(PASSPR3Y_HITS_FILE, 'a'):
         os.utime(PASSPR3Y_HITS_FILE, None)
 
+def get_dict_from_headers(lineList: List) -> collections.OrderedDict:
+    d = collections.OrderedDict()
+    for line in map(str.strip, lineList[1:-1]):
+        if line != "":
+            header, value = line.split(": ")
+            d[header] = value
+    return d
+
+
 class Passpr3y:
     def __init__(self, requestFile, usernameFile, passwordFile, duration=7200, ssl=False, shotgun=False, proxy=None, ntlm=False, smb=False, ip="127.0.0.1", domain="."):
 
@@ -87,7 +97,8 @@ def __init__(self, requestFile, usernameFile, passwordFile, duration=7200, ssl=F
         elif self.ntlm:
             requestFile = open(self.requestFile, 'r')
             lineList = requestFile.readlines()
-            self.headerDict = collections.OrderedDict(item.split(': ') for item in map(str.strip, lineList[1:-1]))
+            # self.headerDict = collections.OrderedDict(item.split(': ') for item in map(str.strip, lineList[1:-1]))
+            self.headerDict = get_dict_from_headers(lineList)
             requestFile.close()
 
 
@@ -188,7 +199,7 @@ def performSpray(self):
                 else:
                     try:
                         response = self.performSMBRequest(self.domain, username, password, self.ip)
-                    except(Exception e):
+                    except Exception as e:
                         print("\tSMB exception: " + e.strerror)
                         continue
 

requirements.txt

@@ -0,0 +1,13 @@
+certifi==2021.10.8
+cffi==1.15.0
+charset-normalizer==2.0.11
+cryptography==36.0.1
+idna==3.3
+ntlm-auth==1.5.0
+pyasn1==0.4.8
+pycparser==2.21
+pysmb==1.2.7
+requests==2.27.1
+requests-ntlm==1.1.0
+streamtologger==2017.1
+urllib3==1.26.8