PyHook : An Offensive API Hooking Tool Written In Python Designed To Catch Various Credentials Within The API Call

PyHook is the python implementation of my SharpHook project, It uses various API hooks in order to give us the desired credentials.

PyHook Uses frida to inject it’s dependencies into the target process

Supported Processes

Process	API Call	Description	Progress
mstsc	`CredUnPackAuthenticationBufferW`	Hooks `CredUnPackAuthenticationBufferW` from mstsc and outputs username and password	DONE
runas	`CreateProcessWithLogonW`	Hooks `CreateProcessWithLogonW` from runas and outputs username, password and a domain name.	DONE
PowerShell	`CreateProcessWithLogonW`	Hooks `CreateProcessWithLogonW` from PowerShell and outputs username, password and a domain name (e.g – `Start-Process cmd -Credential X`).	DONE
cmd	`RtlInitUnicodeStringEx`	Hooks `RtlInitUnicodeStringEx` from cmd and outputs data from specific filters (e.g – “-p”, “password” etc).	DONE
MobaXterm	`CharUpperBuffA`	Hooks `CharUpperBuffA` from MobaXterm and outputs credentials for RDP and SSH logins.	DONE
explorer (UAC Prompt)	`CredUnPackAuthenticationBufferW`	Hooks `CredUnPackAuthenticationBufferW` from explorer and outputs username, password and a domain name.	DONE

Demo

Related

RDPThief : Extracting Clear Text Passwords From mstsc.exe Using API Hooking

November 25, 2019

In "Kali Linux"

Censys-Python : An Easy-To-Use & Lightweight API Wrapper For The Censys Search Engine

December 29, 2020

In "Kali Linux"

Slurp : Evaluate The Security Of S3 Buckets

August 4, 2019

In "Kali Linux"

R K

Next DirSearch : A Go Implementation Of Dirsearch »

Previous « Weakpass : Rule-Based Online Generator To Create A Wordlist Based On A Set Of Words

Leave a Comment

Share

Published by

R K

Tags: API CallAPI Hooking ToolPyHookPython

5 years ago

Recent Posts

How To

Bash Scripting Best Practices Every Beginner Should Know

Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…

1 day ago

How To

How To Create A Self-Signed SSL Certificate Using Bash And OpenSSL

Introduction A self-signed SSL certificate is a certificate that is created and signed by the…

1 day ago

How To

How To Debug Bash Scripts Using bash -x And set Commands

Introduction Debugging is an important part of Bash scripting. When a script does not work…

1 day ago

How To

How To Use Cron Jobs With Bash Scripts For Automation

Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…

1 day ago

How To

How To Use Pipes In Bash Scripts For Command Chaining

Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…

1 day ago

How To

How To Use grep, awk, And sed In Bash Scripts

Introduction The grep, awk, and sed commands are powerful text-processing tools in Linux. They are…

2 days ago

L