diff options
Diffstat (limited to 'auto_nxc_vuln_scanner')
| -rw-r--r-- | auto_nxc_vuln_scanner/README.md | 30 | ||||
| -rw-r--r-- | auto_nxc_vuln_scanner/auto_nxc.py | 87 | ||||
| -rw-r--r-- | auto_nxc_vuln_scanner/image.png | bin | 0 -> 1704305 bytes | |||
| -rw-r--r-- | auto_nxc_vuln_scanner/image2.png | bin | 0 -> 467600 bytes |
4 files changed, 117 insertions, 0 deletions
diff --git a/auto_nxc_vuln_scanner/README.md b/auto_nxc_vuln_scanner/README.md new file mode 100644 index 0000000..fe4bf93 --- /dev/null +++ b/auto_nxc_vuln_scanner/README.md @@ -0,0 +1,30 @@ +# Auto NXC Scanner + +One-command vulnerability scanner using NetExec. Checks 8 critical Windows/AD vulnerabilities. + +## Quick Start + +```bash +python3 auto_nxc.py -t 10.10.10.10 # Basic scan +python3 auto_nxc.py -t 10.10.10.10 -u user -p pass -d domain.local # Authenticated +``` + +## Scanned Vulnerabilities + +- ✅ **Critical**: zerologon, printnightmare, ms17-010, smbghost, petitpotam, nopac, ntlm_reflection +- 🔍 **Info**: spooler (service detection) + +## Output + +Clear results showing: +- Vulnerable services (marked CRITICAL) +- Non-vulnerable services +- Authentication requirements for each check + +## Usage + +```bash +python3 auto_nxc.py -t TARGET [-u USERNAME] [-p PASSWORD] [-d DOMAIN] +``` + +**Note**: Some checks require credentials. Use only on authorized systems. diff --git a/auto_nxc_vuln_scanner/auto_nxc.py b/auto_nxc_vuln_scanner/auto_nxc.py new file mode 100644 index 0000000..4e8d8fc --- /dev/null +++ b/auto_nxc_vuln_scanner/auto_nxc.py @@ -0,0 +1,87 @@ +import subprocess +import argparse + +# Author : 0xRushikesh +# Date : 06/12/2025 + +VULNS = { + 'zerologon': (False, True), + 'printnightmare': (False, True), + 'ms17-010': (False, True), + 'smbghost': (False, True), + 'petitpotam': (False, True), + 'nopac': (True, True), + 'ntlm_reflection': (True, True), + 'spooler': (True, False), +} + +def run_scan(target, user, passwd, domain, module): + + cmd = ['nxc', 'smb', target] + if user: + cmd += ['-u', user, '-p', passwd] + if domain: + cmd += ['-d', domain] + else: + cmd += ['-u', '', '-p', ''] + + cmd += ['-M', module] + + try: + result = subprocess.run(cmd, capture_output=True, text=True, timeout=60) + output = result.stdout + result.stderr + print(output) + return output + except Exception as e: + error_msg = f"Error scanning {module}: {str(e)}" + print(error_msg) + return error_msg + +def main(): + parser = argparse.ArgumentParser(description='NXC Vulnerability Scanner') + parser.add_argument('-t', '--target', required=True, help='Target IP') + parser.add_argument('-u', '--username', default='', help='Username') + parser.add_argument('-p', '--password', default='', help='Password') + parser.add_argument('-d', '--domain', default='', help='Domain') + args = parser.parse_args() + + print(f"\n[*] Scanning {args.target}\n") + vulnerable = [] + safe = [] + + for module, (needs_creds, is_critical) in VULNS.items(): + + if needs_creds and not args.username: + print(f"[!] Skipping {module} - needs credentials\n") + continue + + print(f"[*] Checking {module}...") + output = run_scan(args.target, args.username, args.password, args.domain, module) + print(output) + + if 'VULNERABLE' in output.upper(): + vulnerable.append((module, is_critical)) + else: + safe.append(module) + + print() + + + print("=========================================================================================================================================================================================") + if vulnerable: + print(f"\n[!] FOUND {len(vulnerable)} VULNERABILITY(IES):\n") + for mod, crit in vulnerable: + tag = " [CRITICAL]" if crit else "" + print(f" - {mod}{tag}") + else: + print("\n[+] No vulnerabilities found") + + if safe: + print("\n[+] NOT VULNERABLE:") + for mod in safe: + print(f" - {mod}") + + print("==================================================================================================================================================================================================") + +if __name__ == '__main__': + main() diff --git a/auto_nxc_vuln_scanner/image.png b/auto_nxc_vuln_scanner/image.png Binary files differnew file mode 100644 index 0000000..d880762 --- /dev/null +++ b/auto_nxc_vuln_scanner/image.png diff --git a/auto_nxc_vuln_scanner/image2.png b/auto_nxc_vuln_scanner/image2.png Binary files differnew file mode 100644 index 0000000..089d2b6 --- /dev/null +++ b/auto_nxc_vuln_scanner/image2.png |
