Updated RID_ENUM and twitter handles

readme/CHANGES

@@ -1,3 +1,16 @@
+~~~~~~~~~~~~~~~~
+version 5.3.8
+~~~~~~~~~~~~~~~~
+
+* updated RID_ENUM to the latest version
+* Changed twitter handle from dave_rel1k to @hackingdave
+
+~~~~~~~~~~~~~~~~
+version 5.3.7
+~~~~~~~~~~~~~~~~
+
+* Fixed an issue that would cause connecting directly to an MSSQL server to fail based on an undefined module _mssql
+
 ~~~~~~~~~~~~~~~~
 version 5.3.6
 ~~~~~~~~~~~~~~~~

src/commandcenter/footer

@@ -10,7 +10,7 @@
 
 	<div id="socialmedia">
 		<a href="http://www.secmaniac.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
-		<a href="http://twitter.com/dave_rel1k"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
+		<a href="http://twitter.com/hackingdave"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
 	</div>
 	
 	</body></html>

src/commandcenter/header

@@ -29,7 +29,7 @@
 	
 	<div id="socialmedia2">
 		<a style="" href="http://www.secmaniac.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
-		<a style="" href="http://twitter.com/dave_rel1k"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
+		<a style="" href="http://twitter.com/hackingdave"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
 	</div>
 	
 		<div id="logo">

src/core/fasttrack.py

@@ -209,6 +209,7 @@ try:
                 # establish base counter for connection
                 counter = 0
                 try:
+                    import _mssql
                     conn = _mssql.connect(sql_server + ":" + str(sql_port), sql_username, sql_password)
                     counter = 1
                 except Exception, e:

src/core/reports/index.html

@@ -27,7 +27,7 @@
 	
 	<div id="socialmedia2">
 		<a href="http://www.secmaniac.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
-		<a href="http://twitter.com/dave_rel1k"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
+		<a href="http://twitter.com/hackingdave"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
 	</div>
 	
 		<div id="logo">
@@ -90,7 +90,7 @@ The credential harvester keeps track of how many individuals visited a site and
 
 	<div id="socialmedia">
 		<a href="http://www.secmaniac.com/feed/"><img src="files/rss.png" alt="RSS Feed" title="RSS Feed"></a><br><br>
-		<a href="http://twitter.com/dave_rel1k"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
+		<a href="http://twitter.com/hackingdave"><img src="files/tweet.png" alt="Twitter" title="Follow Me On Twitter!"></a>
 	</div>
 	
 <script type="text/javascript">

src/core/setcore.py

@@ -229,7 +229,7 @@ def print_error(message):
     print bcolors.RED + bcolors.BOLD + "[!] " + bcolors.ENDC + bcolors.RED + str(message) + bcolors.ENDC
 
 def get_version():
-    define_version = '5.3.6'
+    define_version = '5.3.8'
     return define_version
 
 class create_menu:
@@ -756,7 +756,7 @@ def show_banner(define_version,graphic):
 [---]                Version: """+bcolors.RED+"""%s""" % (define_version) +bcolors.BLUE+"""                    [---]
 [---]           Codename: '""" + bcolors.YELLOW + """NextGen Unicorn""" + bcolors.BLUE + """'            [---]
 [---]        Follow us on Twitter: """ + bcolors.PURPLE+ """@TrustedSec""" + bcolors.BLUE+"""         [---]
-[---]        Follow me on Twitter: """ + bcolors.PURPLE+ """@Dave_ReL1K""" + bcolors.BLUE+"""         [---]
+[---]        Follow me on Twitter: """ + bcolors.PURPLE+ """@HackingDave""" + bcolors.BLUE+"""        [---]
 [---]       Homepage: """ + bcolors.YELLOW + """https://www.trustedsec.com""" + bcolors.BLUE+"""       [---]
 
 """ + bcolors.GREEN+"""        Welcome to the Social-Engineer Toolkit (SET). 

src/fasttrack/rid_enum.py

@@ -10,7 +10,7 @@ import sys
 # Written by: David Kennedy (ReL1K)
 # Website: https://www.trustedsec.com
 # Twitter: @TrustedSec
-# Twitter: @dave_rel1k
+# Twitter: @HackingDave
 #
 # This tool will use rpcclient to cycle through and identify what rid accounts exist. Uses a few
 # different techniques to find the proper RID.
@@ -164,7 +164,7 @@ try:
         # if we weren't successful on lsaquery
         else:
             print "[!] Unable to enumerate through lsaquery, trying default account names.."
-            accounts = ("administrator", "guest", "krbtgt")
+            accounts = ("administrator", "guest", "krbtgt", "root")
             for account in accounts:
                 # check the user account based on tuple
                 sid = check_user(ip, account)
@@ -238,15 +238,19 @@ try:
                     password = password.rstrip()
                     # if we specify a lowercase username
                     if password == "lc username":
-                        password = user.split("\\")[1]
-                        password = password.lower()
+                        try:
+                            password = user.split("\\")[1]
+                            password = password.lower()
+                        except: pass
                     # if we specify a uppercase username
                     if password == "uc username":
-                        password = user.split("\\")[1]
-                        password = password.upper()
+                        try:
+                            password = user.split("\\")[1]
+                            password = password.upper()
+                        except: pass
                     child = pexpect.spawn("rpcclient -U '%s%%%s' %s" % (user_fixed, password, ip))
                     i = child.expect(['LOGON_FAILURE', 'rpcclient', 'NT_STATUS_ACCOUNT_EXPIRED',
-                                      'NT_STATUS_ACCOUNT_LOCKED_OUT'])
+                                      'NT_STATUS_ACCOUNT_LOCKED_OUT', 'NT_STATUS_ACCOUNT_DISABLED', 'NT_STATUS_LOGON_TYPE_NOT_GRANTED'])
 
                     # login failed for this one
                     if i == 0:

src/teensy/binary2teensy.py

@@ -9,7 +9,7 @@ from src.core.menu.text import *
 #                               BSIDES LV EXE to Teensy Creator
 #
 #                                by Josh Kelley (@winfang98)
-#                                Dave Kennedy (@dave_rel1k)
+#                                Dave Kennedy (@hackingdave)
 #
 ################################################################################################
 
@@ -56,7 +56,7 @@ print """
         BSIDES Las Vegas ----  EXE to Teensy Creator
 ********************************************************************
 
-Written by: Josh Kelley (@winfang98) and Dave Kennedy (ReL1K, @dave_rel1k)
+Written by: Josh Kelley (@winfang98) and Dave Kennedy (ReL1K, @hackingdave)
 
 This program will take shellexeccode which is converted to hexadecimal and
 place it onto a victim machine through hex to binary conversion via powershell.

src/teensy/sd2teensy.py

@@ -9,7 +9,7 @@ from src.core.menu.text import *
 #                            BSIDES LV SDCARD to Teensy Creator
 #
 #                                by Josh Kelley (@winfang98)
-#                                Dave Kennedy (@dave_rel1k)
+#                                Dave Kennedy (@hackingdave)
 #
 ################################################################################################
 
@@ -22,7 +22,7 @@ print """
         BSIDES Las Vegas ----  SDCard to Teensy Creator
 ********************************************************************
 
-Written by: Josh Kelley (@winfang98) and Dave Kennedy (ReL1K, @dave_rel1k)
+Written by: Josh Kelley (@winfang98) and Dave Kennedy (ReL1K, @hackingdave)
 
 This tool will read in a file from the Teensy SDCard, not mount it via
 Windows and perform a hex to binary conversion via Powershell. It requires