Home

Awesome

CredKing

Overview

Easily launch a password spray using AWS Lambda across multiple regions, rotating IP addresses with each request.

Brought to you by:

Black Hills Information Security

Benefits

Basic Usage

usage: credking.py [-h] --plugin PLUGIN [--threads THREADS] --userfile USERFILE --passwordfile PASSWORDFILE --access_key ACCESS_KEY --secret_access_key SECRET_ACCESS_KEY [--useragentfile USERAGENTFILE]

Arguments:
  -h, --help                            show this help message and exit
  --plugin PLUGIN                       spraying plugin
  --threads THREADS                     thread count (default: 1)
  --userfile USERFILE                   username file
  --passwordfile PASSWORDFILE           password file
  --access_key ACCESS_KEY               aws access key
  --secret_access_key SECRET_ACCESS_KEY aws secret access key
  --useragentfile                       useragent file

Plugin Usage

Gmail

The Gmail plugin does not require any additional arguments.

Okta

The Okta plugin adds a new required argument called oktadomain.

usage: credking.py <usual arugments> --oktadomain org.okta.com

Installation

Ubuntu 16.04

You can install and run automatically using Python 3 with the following command:

$ git clone https://github.com/ustayready/CredKing
$ cd CredKing
~/CredKing$ python3 credking.py

Note that Python 3 is required.

Bug reports, feature requests and patches are welcome.

Development

You can create new plugins by:

$ cd plugins
$ mkdir newplugin
$ cd newplugin
$ touch __init__.py
$ touch newplugin.py

Next, make sure to include the lambda handler function in your newplugin.py:

def lambda_handler(event, context):
	return your_function(event['username'], event['password'])

CredKing generates a deployment zip file which the lambdas receive when they are created. Because of this, CredKing requires the pre-reqs to be installed directly into the newplugin folder. You can accomplish this by:

$ pip install <pre-req> -t .

Plugin specific arguments

Plugin specific arguments can be specified with no modifications to credking.py, simply pass them as --argumentname value

If your plugin requirements plugin-specific arguments, you can implement a validate function in the __init__.py file of your plugin directory that will be passed an dictionary of all optional arguments.

Below is an example of plugin arugment validation used by the okta plugin's __init__.py.

def validate(args):
    if 'oktadomain' in args.keys():
        return True,None
    else:
        error = "Missing oktadomain argument, specify as --oktadomain org.okta.com"
        return False,error

The okta.py lambda_handler function then accesses the oktadomain argument as shown below.

def lambda_handler(event, context):
	domain = event['args']['oktadomain']
	return okta_authenticate(domain, event['username'], event['password'], event['useragent'])

That's it, enjoy!