Add Native SOCKS Proxy Options for Examples

README.md

@@ -1,6 +1,32 @@
 Impacket
 ========
 
+Socks Branch
+-----------------------
+
+This branch adds native socks proxy functionality for some examples.
+This is done to eliminate the need for an extra tool like
+[proxychains](https://github.com/haad/proxychains).
+
+The extra options added are found under the `SOCKS Proxy Options` category in the help menu:
+
+ * socks (enables socks)
+ * socks-address
+ * socks-port
+
+**Examples updated:**
+
+ * atexec.py
+ * dcomexec.py
+ * mssqlclient.py
+ * psexec.py
+ * secretsdump.py
+ * smbexec.py
+ * wmiexec.py
+
+Original README
+---
+
 [![Latest Version](https://img.shields.io/pypi/v/impacket.svg)](https://pypi.python.org/pypi/impacket/)
 [![Build and test Impacket](https://github.com/fortra/impacket/actions/workflows/build_and_test.yml/badge.svg)](https://github.com/fortra/impacket/actions/workflows/build_and_test.yml)
 

examples/DumpNTLMInfo.py

@@ -644,12 +644,27 @@ def __convert_size(self, size_bytes):
     parser.add_argument('-protocol', choices=['SMB', 'RPC'], nargs='?', metavar="protocol",
                         help='Protocol to use (SMB or RPC). Default is SMB, port 135 uses RPC normally.')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
     if len(sys.argv) == 1:
         parser.print_help()
         sys.exit(1)
 
     options = parser.parse_args()
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     if options.port == 135:
         if not options.protocol:
             options.protocol = 'RPC'

examples/Get-GPPPassword.py

@@ -227,6 +227,12 @@ def parse_args():
     group.add_argument("-target-ip", action="store", metavar="ip address", help="IP Address of the target machine. If omitted it will use whatever was specified as target. This is useful when target is the NetBIOS name and you cannot resolve it")
     group.add_argument("-port", choices=["139", "445"], nargs="?", default="445", metavar="destination port", help="Destination port to connect to SMB Server")
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
     if len(sys.argv) == 1:
         parser.print_help()
         sys.exit(1)
@@ -297,6 +303,15 @@ def init_smb_session(args, domain, username, password, address, lmhash, nthash):
     args = parse_args()
     init_logger(args)
 
+    # Relay connections through a socks proxy
+    if (args.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', args.socks_address, args.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, args.socks_address, args.socks_port)
+        socket.socket = socks.socksocket
+
     if args.target.upper() == "LOCAL":
         if args.xmlfile is not None:
             # Only given decrypt XML file

examples/GetADComputers.py

@@ -271,6 +271,12 @@ def run(self):
                                                                               'If ommited, the domain part (FQDN) '
                                                                               'specified in the account parameter will be used')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
 
 
 
@@ -290,6 +296,15 @@ def run(self):
     else:
         logging.getLogger().setLevel(logging.INFO)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     domain, username, password = parse_credentials(options.target)
 
     if domain == '':

examples/GetADUsers.py

@@ -233,6 +233,12 @@ def run(self):
                                                                               'If ommited, the domain part (FQDN) '
                                                                               'specified in the account parameter will be used')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
     if len(sys.argv)==1:
         parser.print_help()
         sys.exit(1)
@@ -249,6 +255,15 @@ def run(self):
     else:
         logging.getLogger().setLevel(logging.INFO)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     domain, username, password = parse_credentials(options.target)
 
     if domain == '':

examples/GetLAPSPassword.py

@@ -330,6 +330,12 @@ def run(self):
                                                                               'If ommited, the domain part (FQDN) '
                                                                               'specified in the account parameter will be used')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
     if len(sys.argv)==1:
         parser.print_help()
         sys.exit(1)
@@ -346,6 +352,15 @@ def run(self):
     else:
         logging.getLogger().setLevel(logging.INFO)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     domain, username, password = parse_credentials(options.target)
 
     if domain == '':

examples/GetNPUsers.py

@@ -417,6 +417,12 @@ def request_multiple_TGTs(self, usernames):
                                                                               'If ommited, the domain part (FQDN) '
                                                                               'specified in the account parameter will be used')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
     if len(sys.argv)==1:
         parser.print_help()
         print("\nThere are a few modes for using this script")
@@ -447,6 +453,15 @@ def request_multiple_TGTs(self, usernames):
     else:
         logging.getLogger().setLevel(logging.INFO)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     domain, username, password = parse_credentials(options.target)
 
     if domain == '':

examples/GetUserSPNs.py

@@ -529,6 +529,12 @@ def request_multiple_TGSs(self, usernames):
                                                                             'If ommited, the domain part (FQDN) '
                                                                             'specified in the account parameter will be used')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
     if len(sys.argv) == 1:
         parser.print_help()
         sys.exit(1)
@@ -550,6 +556,15 @@ def request_multiple_TGSs(self, usernames):
     else:
         logging.getLogger().setLevel(logging.INFO)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     userDomain, username, password = parse_credentials(options.target)
 
     if userDomain == '':

examples/addcomputer.py

@@ -577,6 +577,11 @@ def run(self):
                                                                       'Useful if you can\'t translate the FQDN.'
                                                                       'specified in the account parameter will be used')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
 
     if len(sys.argv)==1:
         parser.print_help()
@@ -591,6 +596,15 @@ def run(self):
     else:
         logging.getLogger().setLevel(logging.INFO)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     domain, username, password = parse_credentials(options.account)
 
     try:

examples/atexec.py

@@ -271,6 +271,12 @@ def cmd_split(cmdline):
                                          'If omitted it will use the domain part (FQDN) specified in the target parameter')
     group.add_argument('-keytab', action="store", help='Read keys for SPN from keytab file')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
     if len(sys.argv)==1:
         parser.print_help()
         sys.exit(1)
@@ -280,6 +286,15 @@ def cmd_split(cmdline):
     # Init the example's logger theme
     logger.init(options.ts)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     if options.codec is not None:
         CODEC = options.codec
     else:

examples/changepasswd.py

@@ -833,6 +833,13 @@ def parse_args():
         ),
     )
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
+
     if len(sys.argv) == 1:
         parser.print_help()
         sys.exit(1)
@@ -846,6 +853,15 @@ def parse_args():
     options = parse_args()
     init_logger(options)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     handlers = {
         "kpasswd": KPassword,
         "rpc-samr": RpcPassword,

examples/dacledit.py

@@ -725,6 +725,12 @@ def parse_args():
     dacl_parser.add_argument('-inheritance', action="store_true", help='Enable the inheritance in the ACE flag with CONTAINER_INHERIT_ACE and OBJECT_INHERIT_ACE. Useful when target is a Container or an OU, '
                                                                        'ACE will be inherited by objects within the container/OU (except objects with adminCount=1)')
 
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
+
     if len(sys.argv) == 1:
         parser.print_help()
         sys.exit(1)
@@ -959,6 +965,15 @@ def main():
     args = parse_args()
     init_logger(args)
 
+    # Relay connections through a socks proxy
+    if (args.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', args.socks_address, args.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, args.socks_address, args.socks_port)
+        socket.socket = socks.socksocket
+
     if args.action == 'write' and args.principal_sAMAccountName is None and args.principal_SID is None and args.principal_DN is None:
         logging.critical('-principal, -principal-sid, or -principal-dn should be specified when using -action write')
         sys.exit(1)

examples/dcomexec.py

@@ -589,6 +589,12 @@ def load_smbclient_auth_file(path):
     group.add_argument('-A', action="store", metavar = "authfile", help="smbclient/mount.cifs-style authentication file. "
                                                                         "See smbclient man page's -A option.")
     group.add_argument('-keytab', action="store", help='Read keys for SPN from keytab file')
+
+    group = parser.add_argument_group('SOCKS Proxy Options')
+    group.add_argument('-socks', action='store_true', default=False,
+                        help='Use a SOCKS proxy for the connection')
+    group.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address')
+    group.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port')
 
     if len(sys.argv)==1:
         parser.print_help()
@@ -599,6 +605,15 @@ def load_smbclient_auth_file(path):
     # Init the example's logger theme
     logger.init(options.ts)
 
+    # Relay connections through a socks proxy
+    if (options.socks):
+        logging.info('Relaying connections through SOCKS proxy (%s:%s)', options.socks_address, options.socks_port)
+        import socket
+        import socks
+
+        socks.set_default_proxy(socks.SOCKS5, options.socks_address, options.socks_port)
+        socket.socket = socks.socksocket
+
     if options.codec is not None:
         CODEC = options.codec
     else: