{"id":18864764,"url":"https://github.com/hackndo/webclientservicescanner","last_synced_at":"2025-05-08T20:55:52.430Z","repository":{"id":47704975,"uuid":"391317875","full_name":"Hackndo/WebclientServiceScanner","owner":"Hackndo","description":"Python tool to Check running WebClient services on multiple targets based on @leechristensen","archived":false,"fork":false,"pushed_at":"2021-08-18T06:23:39.000Z","size":30,"stargazers_count":270,"open_issues_count":1,"forks_count":26,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-31T18:08:41.109Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Hackndo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-07-31T10:01:18.000Z","updated_at":"2025-03-19T14:54:17.000Z","dependencies_parsed_at":"2022-08-23T00:41:13.193Z","dependency_job_id":null,"html_url":"https://github.com/Hackndo/WebclientServiceScanner","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Hackndo%2FWebclientServiceScanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Hackndo%2FWebclientServiceScanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Hackndo%2FWebclientServiceScanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Hackndo%2FWebclientServiceScanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Hackndo","download_url":"https://codeload.github.com/Hackndo/WebclientServiceScanner/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253149404,"owners_count":21861718,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-08T04:43:58.095Z","updated_at":"2025-05-08T20:55:52.410Z","avatar_url":"https://github.com/Hackndo.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WebClient Service Scanner\n\n\n![Example](https://raw.githubusercontent.com/Hackndo/WebclientServiceScanner/master/assets/demo.png)\n\n\nPython tool to Check running WebClient services on multiple targets based on [@tifkin_ idea](https://twitter.com/tifkin_/status/1419806476353298442).\n\nThis tool uses [impacket](https://github.com/SecureAuthCorp/impacket) project.\n\n\n### Usage\n\n```bash\nwebclientservicescanner hackn.lab/user:S3cur3P4ssw0rd@10.10.10.0/24\n```\n\nProvided credentials will be tested against a domain controller before scanning so that a typo in the domain/username/password won't lock out the account. If you want to bypass this check, just use `-no-validation` flag.\n\n### Exploitation\n\nGreen entries mean that WebDav client is active on remote host. Using [PetitPotam](https://github.com/topotam/PetitPotam) or [PrinterBug](https://github.com/dirkjanm/krbrelayx/blob/master/printerbug.py), an HTTP authentication can be coerced and relayed to LDAP(S) on domain controllers. This relay can use [RBCD](https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html) or [KeyCredentialLink](https://posts.specterops.io/shadow-credentials-abusing-key-trust-account-mapping-for-takeover-8ee1a53566ab) abuse to compromise relayed host.\n\nFor more info about relaying, you can check out https://en.hackndo.com/ntlm-relay/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhackndo%2Fwebclientservicescanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhackndo%2Fwebclientservicescanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhackndo%2Fwebclientservicescanner/lists"}