-
Notifications
You must be signed in to change notification settings - Fork 132
Config File
Ellis Springe edited this page Feb 20, 2024
·
6 revisions
The config file provides a convenient location to place your desired options. This makes it easy to bring your personal choices from spray to spray, without all the CLI hassle.
Any configuration option can be specified via the config except utility options. If a config file is provided and CLI options are also specified, the CLI options will override the config file options.
python3 credmaster --config config.json
{
"plugin" : null, // Type: String, Any plugin name, ex: "o365", "msol", "azuresso"
"userfile" : null, // Type: String, Any file location, ex: "/this/is/a/path/to/users.txt"
"passwordfile" : null, // Type: String, Any file location, ex: "/this/is/a/path/to/passwords.txt"
"userpassfile" : null, // Type: String, Any file location, ex: "/this/is/a/path/to/userpassfile.txt"
"useragentfile" : null, // Type: String, Any file location, ex: "/this/is/a/path/to/useragents.txt"
"outfile" : null, // Type: String, Any desired output location, ex: "./filename"
"threads" : null, // Type: Int, Desired number of threads, ex: 10
"region" : null, // Type: String, Desired AWS region for API creation, ex: "us-west-2"
"jitter" : null, // Type: Int, Jitter maximum in seconds, ex: 7
"jitter_min" : null, // Type: Int, Jitter minimum in seconds, ex: 4
"delay" : null, // Type: Int, delay between passwords in minutes, ex: 180
"passwordsperdelay" : null, // Type: Int, number of passwords tried per delay cycle, ex: 3
"randomize" : false, // Type: Bool, True for randomization, False for as-is
"header" : null, // Type: String, Custom header to be added to requests, ex: "X-Attribution: ThisWasSecurityFirm"
"xforwardedfor" : null, // Type: String, Static setting for the X-Forwarded-For header instead of RNG, ex: "1.2.3.4"
"weekday_warrior" : null, // Type: Int, UTC offset, see the wiki, ex: -6
"color" : false, // Type: Bool, True for color, False for no color
"trim" : false, // Type: Bool, omit users with a successfully found password from further sprays
"slack_webhook" : null, // Type: String, Slack webhook URL, ex: "https://hooks.slack.com/..."
"pushover_token" : null, // Type: String, Pushover API token, ex: "abcdefg123456"
"pushover_user" : null, // Type: String, Pushover API user, ex: "abcdefg123456"
"discord_webhook" : null, // Type: String, Discord webhook URL, ex: "https://webhook.url/..."
"teams_webhook" : null, // Type: String, Teams webhook URL, ex: "https://webhook.url/..."
"keybase_webhook": null, // Type: String, Keybase webhook URL, ex: "https://webhook.url/..."
"operator_id" : null, // Type: String, Name of operator for ID with teams using same webhook, ex: "knavesec"
"exclude_password" : false, // Type: Bool, True if successful password should not be posted to notification system
"access_key" : null, // Type: String, FireProx AWS access key, ex: "AASE245DYH6632..."
"secret_access_key" : null, // Type: String, FireProx AWS secret access key, ex: "avrqr9iqovin4oriqoi3jceij2..."
"session_token" : null, // Type: String, FireProx AWS session token, ex: "cqeqc<snip>"
"profile_name" : null // Type: String, FireProx AWS profile name, ex: "fireprox"
}