Skip to content

garrettfoster13/sccmhunter

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Sponsored by SpecterOps Black Hat USA Arsenal 2024 @unsigned_sh0rt on Twitter

image

SCCMHunter

SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain. Please checkout the wiki for detailed usage.

Please note

This tool was developed and tested in a lab environment. Your mileage may vary on performance. If you run into any problems please don't hesitate to open an issue.

Installation

I strongly encourage using a python virtual environment for installation


git clone https://github.com/garrettfoster13/sccmhunter.git
cd sccmhunter
virtualenv --python=python3 .
source bin/activate
pip3 install -r requirements.txt
python3 sccmhunter.py -h

pipx can also be used to install globally


pipx install git+https://github.com/garrettfoster13/sccmhunter/

References

Huge thanks to the below for all their research and hard work and
@_mayyhem
Coercing NTLM Authentication from SCCM
SCCM Site Takeover via Automatic Client Push Installation

@TechBrandon
Push Comes To Shove: exploring the attack surface of SCCM Client Push Accounts
Push Comes To Shove: Bypassing Kerberos Authentication of SCCM Client Push Accounts.

@Raiona_ZA
Identifying and retrieving credentials from SCCM/MECM Task Sequences

@_xpn_
Exploring SCCM by Unobfuscating Network Access Accounts

@subat0mik
The Phantom Credentials of SCCM: Why the NAA Won’t Die

@HackingDave
Owning One to Rule Them All

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages