NetExec icon indicating copy to clipboard operation
NetExec copied to clipboard
verified publisher icon Pennyw0rth

Add sessions_bloodhound module

Open nodauf opened this issue 1 year ago • 5 comments

This module use the get_netloggedon to list the users connected on a target and add the relationship in bloodhound image image

nodauf avatar Oct 22 '24 07:10 nodauf

Thanks for the PR! Though, we already have the flag --loggedon-users, which enumerates these users. Could you just add the bloodhound functionality to that function? See: https://github.com/Pennyw0rth/NetExec/blob/d6e77d19c6b9cba06201f6ba1fcb8083e1402024/nxc/protocols/smb.py#L1230-L1251

The current bloodhound logic is located at /nxc/helpers/bloodhound.py. Please add the logic there and import the function. We have to also be careful with the domain the computer is in, as well as the user that has logged onto to the host. Take a look at the existing bloodhound functionality, i added a check to prevent name clashes with different domains (and trusts).

NeffIsBack avatar Oct 22 '24 13:10 NeffIsBack

@nodauf any update on this?

NeffIsBack avatar May 18 '25 18:05 NeffIsBack

Sorry, I haven't had time to look again but it's still on my mind and I'll probably make the change in June.

nodauf avatar May 18 '25 18:05 nodauf

Hum I believe this was added with the -reg-sessions option ?

Dfte avatar Sep 28 '25 13:09 Dfte

Hum I believe this was added with the -reg-sessions option ?

I don't think so, this is (should be) an implementation to feed the session data into bloodhound, but this also applies to reg_sessions() now as well.

NeffIsBack avatar Sep 28 '25 14:09 NeffIsBack