{
	"id": "1c96dc1b-907b-4f36-890d-e974b376701d",
	"created_at": "2026-04-06T00:21:49.315012Z",
	"updated_at": "2026-04-10T03:20:31.353153Z",
	"deleted_at": null,
	"sha1_hash": "9277ebf4623fe054849de605f1ccbbfb4174854f",
	"title": "GitHub - brav0hax/smbexec",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 71085,
	"plain_text": "GitHub - brav0hax/smbexec\r\nBy brav0hax\r\nArchived: 2026-04-05 22:53:27 UTC\r\nFolders and files\r\nName Name Last commit message\r\nLast\r\ncommit\r\ndate\r\nLatest commit\r\nRemoved source code compilation as part of\r\ninstall, updated yml to pt…\r\nJun 22, 2015\r\na54fc14 · Jun 22, 2015\r\nHistory\r\n59 Commits\r\ncerts certs\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\nlib lib\r\nRemoved source code compilation as\r\npart of install, updated yml to pt…\r\nJun 22, 2015\r\npatches patches\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\npowershell powershell\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\nhttps://github.com/brav0hax/smbexec\r\nPage 1 of 5\n\nName Name Last commit message\r\nLast\r\ncommit\r\ndate\r\nprogs progs\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\nsources sources\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\nGemfile Gemfile\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\nGemfile.lock Gemfile.lock\r\nRemoved source code compilation as\r\npart of install, updated yml to pt…\r\nJun 22, 2015\r\nREADME README Update README Jun 19, 2015\r\nTODO TODO\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\nWCE-LICENSE.txt WCE-LICENSE.txt updated wce to univ binary Jul 15, 2013\r\nWCE-README WCE-README updated wce to univ binary Jul 15, 2013\r\nabout.txt about.txt\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\ninstall.sh install.sh\r\nRemoved source code compilation as\r\npart of install, updated yml to pt…\r\nJun 22, 2015\r\nhttps://github.com/brav0hax/smbexec\r\nPage 2 of 5\n\nName Name Last commit message\r\nLast\r\ncommit\r\ndate\r\nsmbexec.rb smbexec.rb\r\nMoving smbexec back to where it\r\nbelongs\r\nJun 19, 2015\r\nsmbexec.yml smbexec.yml\r\nRemoved source code compilation as\r\npart of install, updated yml to pt…\r\nJun 22, 2015\r\nREADME\r\nLicense\r\n************************************************************\r\n smbexec\r\n A rapid psexec style attack with samba tools\r\n Original Concept and Script by Brav0Hax \u0026 PureHate\r\n Ported to ruby and modified by Smilingraccoon and Zeknox\r\n Codename - Machiavellian\r\n************************************************************\r\nWritten because we got sick of Metasploit PSExec getting popped\r\nSpecial thanks to Carnal0wnage who's blog inspired us to go this route.\r\nhttp://carnal0wnage.attackresearch.com/2012/01/psexec-fail-upload-and-exec-instead.html\r\nv2.0 - 10/17/2013\r\nUPDATED - Rubified ;)\r\nv1.2.9.1 - 07/31/2013\r\nADDED - r3dy (pentestgeek.com) created a custom cachedump.rb that is a standalone tool to extract dcc\r\nv1.2.9 - 07/15/2013\r\nUPDATED - wce has been updated with a universal binary with new version released by the developer (v1\r\nFIXED - on occasion when a Ctrl-C is inititated, if the smbexec proj folder is empty it will delete i\r\nFIXED - Typo in the f_dsusers function for sys file path\r\nWindows Credentials Editor v1.41beta\r\n(c) 2010, 2011, 2012, 2013 Amplia Security, Hernan Ochoa\r\nwritten by: hernan@ampliasecurity.com\r\nhttp://www.ampliasecurity.com\r\nhttps://github.com/brav0hax/smbexec\r\nPage 3 of 5\n\nv1.2.8.1 - 06/24/2013\r\nUPDATED - Added 'make' install check since libesedb and nmap rely on it for compile\r\nUPDATED - DA/EA checker still not working as I wanted, ugly grep hacks to make it perform better.\r\n \r\nv1.2.8 - 05/22/2013\r\nADDED - If you have crypter.exe installed on your system it will encrypt your payload after obfuscati\r\nADDED - Will prompt you if you'd like to execute payload as user or SYSTEM\r\nADDED - Option to gain a command shell from a remote system without a payload\r\nFIXED - DA check gives system error 5 \"Access Denied\" changed it to complete the tasks as SYSTEM -\u003e T\r\nUPDATED - Fix payload creation issues, triggered DEP when combined with crypter.exe option. Thx to Ho\r\nv1.2.7 - 04/01/2013\r\nFIXED - False positives from Admin check option\r\nFIXED - Domain cached creds logic I brok in last release\r\nUPDATED - The whole look and feel is less gaudy and borrow heavily from msfconsole\r\nv1.2.6 - 02/25/2013\r\nADDED - wce.exe for 64 Bit systems\r\nFIXED - DA/EA checker did not check for any errors and would falsely state users were on the system t\r\nFIXED - Option to just create payload and RC file would continue by launching attack. Now operating a\r\nUPDATE - Now checks the target systems processor architecture in order to use the proper wce.exe (wce\r\nUPDATE - dcc hash file \u0026 cleartext password file is only moved into logfolder if not empty (common e\r\nUPDATE - source code for samba is now v3.6.12 for compiling smbexeclient binary\r\nUPDATE - Installer now installs nmap verision 6.25 (Only if nmap is not found on the system. It does\r\nv1.2.5 - 02/19/2013\r\nFIXED - Issues with proper mingw identification, especially for 64 Bit systems - Bug reported by Jim\r\nUPDATE - Installer was updated with extra prereqs for winexe compilation.\r\nTESTING - Install and execution of smbexec was tested again on Ubuntu 12.04 and Fedora 17 64Bit syste\r\nv1.2.4 - 02/04/2013\r\nUPDATE - Added UAC functionality. Now you can check systems to see if they have UAC enabled. In addit\r\nv1.2.3 - 01/20/2013\r\nUPDATE - Changed menu layout, was getting crowded on the main page. Combined like tasks.\r\nFIXED - Hash folder creation wasn't checking for existing folder before trying to create. Resulted in\r\nv1.2.2 - 01/17/2013\r\nUPDATE - Check credentials for remote login capabilities\r\nUPDATE - Checks systems for DA/EA users logged in or running processes\r\nUPDATE - If wce.exe is place in the smbexec/progs/ directory it will upload and execute on the target\r\nNOTE: The wce.exe file that exists in the progs directory has been obfuscated and is included in smbe\r\nHernan retains all rights to the Windows Credential Editor and can ask to have the program removed f\r\nWindows Credentials Editor v1.3beta\r\nhttps://github.com/brav0hax/smbexec\r\nPage 4 of 5\n\n(c) 2010, 2011, 2012 Amplia Security, Hernan Ochoa\r\nwritten by: hernan@ampliasecurity.com\r\nhttp://www.ampliasecurity.com\r\nv1.2.0 - 11/30/2012\r\nFIXED - Script now checks to ensure exe's are compiled before running. Alerts user to use installer t\r\nUPDATE - Added drive and path variables to ntds hash grab function. (No longer hardcoded to C:\\Window\r\nUPDATE - Checks for available diskspace before copying ntds.dit and sys files to the path provided\r\nUPDATE - Deletes the volume shadow copy created by the ntds hash grab function\r\nv1.1.1 - 11/11/2012\r\nFIXED - Sometimes the IP validation fails even though it is a proper IP address\r\nUPDATE - Installer updated with Samba-3.6.9 source\r\nUPDATE - libesedb project moved to Google Code, installer updated with proper path\r\nIncludes\r\n- smbexec.sh\r\n- installer.sh\r\n- patches to compile binaries\r\n- source for samba-3.6.9 and winexe-1.00\r\nJust run the installer and you should be good to go! If not email me... jbrav.hax@gmail.com\r\nCredit where credit is due:\r\n* b00stfr3ak - For multiple pull requests and code contributions\r\n* Pasv - For the kick ass updates to the file finder module\r\n* wce.exe - Hernan Ochoa - An incredible tool that mimikatz CANNOT touch! - http://www.ampliasecurity\r\n* smbclient \u0026 winexe Hash Passing patch - JoMo-kun -\u003e http://www.foofus.net/~jmk/passhash.html\r\n- Patch updated for Samba 3.6.12 by exfil (Emilio Escobar)\r\n* vanish.sh - Original concept Astr0baby stable version edits Vanish3r -\u003e http://www.securitylabs.in/\r\n* www.samba.org\r\n* winexe - ahajda -\u003e http://sourceforge.net/users/ahajda\r\n* Metasploit - www.metasploit.com (Thank you HD and team!)\r\n* Nmap - nmap.org (Thank you Fydor!)\r\n* Creddump - Brendan Dolan-Gavitt - http://code.google.com/p/creddump/\r\n* NTDSXtract - Csaba Barta - http://www.ntdsxtract.com/\r\n* libesedb - Joachim Metz - http://libesedb.googlecode.com/\r\nHappy Hunting!\r\nSource: https://github.com/brav0hax/smbexec\r\nhttps://github.com/brav0hax/smbexec\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://github.com/brav0hax/smbexec"
	],
	"report_names": [
		"smbexec"
	],
	"threat_actors": [],
	"ts_created_at": 1775434909,
	"ts_updated_at": 1775791231,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/9277ebf4623fe054849de605f1ccbbfb4174854f.pdf",
		"text": "https://archive.orkl.eu/9277ebf4623fe054849de605f1ccbbfb4174854f.txt",
		"img": "https://archive.orkl.eu/9277ebf4623fe054849de605f1ccbbfb4174854f.jpg"
	}
}