aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--netexec/README29
-rw-r--r--netexec/netexec.SlackBuild127
-rw-r--r--netexec/netexec.info12
-rw-r--r--netexec/requirements.txt90
-rw-r--r--netexec/slack-desc19
5 files changed, 277 insertions, 0 deletions
diff --git a/netexec/README b/netexec/README
new file mode 100644
index 0000000..568bea1
--- /dev/null
+++ b/netexec/README
@@ -0,0 +1,29 @@
+NetExec (nxc) is a network service exploitation tool that helps automate
+assessing the security of large networks. It is a maintained, actively
+developed fork of CrackMapExec, supporting protocols including SMB,
+LDAP, MSSQL, SSH, WinRM, RDP, FTP, NFS and more, with modules for
+credential dumping, lateral movement, and enumeration.
+
+This package installs NetExec as a self-contained Python virtualenv
+under /opt/netexec, with its full dependency tree pip-installed from a
+pinned, vendored wheels tarball (no network access at build time). The
+console scripts nxc, netexec and nxcdb are symlinked into /usr/bin.
+
+x86_64 only. NetExec requires Python >=3.10, so this package targets
+Slackware -current (Python 3.12); it will not run on -stable
+(Python 3.9).
+
+The compiled extension modules in the virtualenv are tied to the
+build-time Python minor version. If -current bumps its Python (for
+example 3.12 to 3.13), rebuild this package against the new interpreter.
+
+Build prerequisite: the vendored wheels tarball
+(netexec-wheels-<version>.tar.gz) is generated separately with the
+mkwheels helper and hosted at packages.danix.xyz. The exact resolved
+dependency versions and hashes are recorded in requirements.txt
+(installed under /usr/doc/netexec-<version>/), kept as an audit record.
+
+Note: NetExec's git-sourced dependencies (impacket, certipy-ad,
+oscrypto, pynfsclient) pin unversioned git refs upstream. They are
+frozen at vendor time into the wheels tarball, so once built the package
+is reproducible.
diff --git a/netexec/netexec.SlackBuild b/netexec/netexec.SlackBuild
new file mode 100644
index 0000000..552b6b1
--- /dev/null
+++ b/netexec/netexec.SlackBuild
@@ -0,0 +1,127 @@
+#!/bin/bash
+
+# Slackware build script for netexec
+
+# Copyright 2026 danix <danix@danix.xyz>
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+cd $(dirname $0) ; CWD=$(pwd)
+
+PRGNAM=netexec
+VERSION=${VERSION:-1.5.1}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+PKGTYPE=${PKGTYPE:-tgz}
+
+# The upstream GitHub archive unpacks to a capitalized directory name.
+SRCNAM=NetExec
+
+# Name of the vendored wheels tarball (hosted by the maintainer).
+WHEELS=${PRGNAM}-wheels-${VERSION}
+
+# Install prefix for the self-contained virtualenv.
+VENVDIR=/opt/$PRGNAM
+
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) ARCH=i586 ;;
+ arm*) ARCH=arm ;;
+ *) ARCH=$( uname -m ) ;;
+ esac
+fi
+
+# Several deps ship platform-specific compiled wheels (cryptography, pypykatz
+# crypto). The vendored wheels tarball is x86_64-only; bail out clearly on
+# other arches rather than failing deep in pip.
+if [ "$ARCH" != "x86_64" ]; then
+ echo "$PRGNAM is only supported on x86_64."
+ exit 1
+fi
+
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+PKGNAM=$PRGNAM # PRINT_PACKAGE_NAME
+if [ "$PRINT_PACKAGE_NAME" ]; then
+ echo "$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE"
+ exit 0
+fi
+
+set -e
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $SRCNAM-$VERSION
+tar xvf $CWD/$SRCNAM-$VERSION.tar.gz
+cd $SRCNAM-$VERSION
+
+chown -R root:root .
+find -L . \
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+ -o -perm 511 \) -exec chmod 755 {} \+ -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \+
+
+# Unpack the vendored wheels. The tarball extracts to a top-level wheels/ dir.
+rm -rf $TMP/wheels
+tar xvf $CWD/$WHEELS.tar.gz -C $TMP
+
+# Build the self-contained virtualenv at the install prefix and install
+# netexec plus its full dependency tree from the local wheels only. No
+# network access at build time.
+python3 -m venv $PKG$VENVDIR
+$PKG$VENVDIR/bin/pip install --no-index --find-links=$TMP/wheels \
+ netexec==$VERSION
+
+# venvs are not relocatable: the absolute build path ($PKG$VENVDIR) is baked
+# into bin/* script shebangs and pyvenv.cfg. Rewrite it to the installed
+# prefix so the venv resolves at $VENVDIR after the package is installed.
+sed -i "s|$PKG$VENVDIR|$VENVDIR|g" \
+ $PKG$VENVDIR/pyvenv.cfg \
+ $PKG$VENVDIR/bin/*
+# pip leaves the venv's own python as a symlink to the build host's python3;
+# that resolves fine on the target since it points at the system interpreter.
+
+# Drop pip's cached wheels and bytecode build noise from the package.
+rm -rf $PKG$VENVDIR/share/python-wheels 2>/dev/null || true
+
+# Strip compiled extension modules in the venv (cryptography et al.).
+find $PKG$VENVDIR -name '*.so' -print0 \
+ | xargs -0 strip --strip-unneeded 2> /dev/null || true
+
+# Console-script symlinks into the default PATH.
+mkdir -p $PKG/usr/bin
+for bin in nxc netexec nxcdb; do
+ ln -sf $VENVDIR/bin/$bin $PKG/usr/bin/$bin
+done
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a LICENSE README.md \
+ $PKG/usr/doc/$PRGNAM-$VERSION 2>/dev/null || true
+cp -a $CWD/requirements.txt $PKG/usr/doc/$PRGNAM-$VERSION/requirements.txt
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE
diff --git a/netexec/netexec.info b/netexec/netexec.info
new file mode 100644
index 0000000..9d158ce
--- /dev/null
+++ b/netexec/netexec.info
@@ -0,0 +1,12 @@
+PRGNAM="netexec"
+VERSION="1.5.1"
+HOMEPAGE="https://github.com/Pennyw0rth/NetExec"
+DOWNLOAD="UNSUPPORTED"
+MD5SUM=""
+DOWNLOAD_x86_64="https://github.com/Pennyw0rth/NetExec/archive/v1.5.1/NetExec-1.5.1.tar.gz \
+ https://packages.danix.xyz/sbo/netexec/netexec-wheels-1.5.1.tar.gz"
+MD5SUM_x86_64="15926190d369045d0855b0311774af25 \
+ 5a21fee9c42ec987bc66bf3cd9d450f5"
+REQUIRES=""
+MAINTAINER="danix"
+EMAIL="danix@danix.xyz"
diff --git a/netexec/requirements.txt b/netexec/requirements.txt
new file mode 100644
index 0000000..bddf449
--- /dev/null
+++ b/netexec/requirements.txt
@@ -0,0 +1,90 @@
+aardwolf==0.2.14 --hash=sha256:5792680f427fe37aa598ea14d959c6a889541e631fdfbe78d16a9f0750489c14
+aesedb==0.1.8 --hash=sha256:e6a3bc77ab9187d79cfeca27620ae21e331ebb66f5ea9254a136e3e29dd8b23a
+aiosmb==0.4.14 --hash=sha256:613e6ffc4f2c1d56e48e69943064946403a5c12d43198d9d556e4b04912c0f60
+aiowinreg==0.0.13 --hash=sha256:2e0809f05d62337cb2218d11dcf7ee08eb8c319382dd564293425f03cd332c9b
+anyio==4.14.1 --hash=sha256:4e5533c5b8ff0a24f5d7a176cbe6877129cd183893f66b537f8f227d10527d72
+arc4==0.5.0 --hash=sha256:7a3b4325e550a8bc2b56484edf91a983d2bd3f32fae8f169d5a5846a22554ea9
+argcomplete==3.6.3 --hash=sha256:f5007b3a600ccac5d25bbce33089211dfd49eab4a7718da3f10e3082525a92ce
+asn1crypto==1.5.1 --hash=sha256:db4e40728b728508912cbb3d44f19ce188f218e9eba635821bb4b68564f8fd67
+asn1tools==0.167.0 --hash=sha256:8d92e002bf8d2557f71fa002b1d7c507dcd3d0a07b1eec074b477134ebaf5873
+asyauth==0.0.23 --hash=sha256:bbca62d10c4b0d2585103791d7451adda325c3d654114253638456fe84d39b0e
+asysocks==0.2.18 --hash=sha256:a881536456d922a9fde44031aba262bc34ee39a9d14749ded1e8a4820602a37d
+bcrypt==5.0.0 --hash=sha256:611f0a17aa4a25a69362dcc299fda5c8a3d4f160e2abb3831041feb77393a14a
+beautifulsoup4==4.13.5 --hash=sha256:642085eaa22233aceadff9c69651bc51e8bf3f874fb6d7104ece2beb24b47c4a
+bitstruct==8.22.1 --hash=sha256:f965015d75e7cc949dff3783f82378a135fe67ac549a41d7b90eb0abf06fa81d
+blinker==1.9.0 --hash=sha256:ba0efaa9080b619ff2f3459d1d500c57bddea4a6b424b60a91141db6fd2f08bc
+bloodhound_ce==1.9.1 --hash=sha256:bb3bd6fb67b9337c738d4168b4f712b0d5544bb543c7405cc27977e61f67bab6
+certifi==2026.6.17 --hash=sha256:2227dcbaafe0d2f59279d1762ddddc37783ed4354594f194ffc31d20f41fc3db
+certipy_ad==5.0.4 --hash=sha256:7d8684359d09c05c2f0d2985353d247796842799fe0a38cdee892d98e8a1e862
+cffi==2.0.0 --hash=sha256:3e17ed538242334bf70832644a32a7aae3d83b57567f9fd60a26257e992b79ba
+charset_normalizer==3.4.7 --hash=sha256:5649fd1c7bade02f320a462fdefd0b4bd3ce036065836d4f42e0de958038e116
+click==8.4.2 --hash=sha256:e6f9f66136c816745b9d65817da91d61d957fb16e02e4dcd0552553c5a197b76
+colorama==0.4.6 --hash=sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6
+cryptography==42.0.8 --hash=sha256:9c0c1716c8447ee7dbf08d6db2e5c41c688544c61074b54fc4564196f55c25a7
+dnspython==2.7.0 --hash=sha256:b4c34b7d10b51bcc3a5071e7b8dee77939f1e878477eeecc965e9835f63c6c86
+dploot==3.2.2 --hash=sha256:8c7e436f382af7ae46642b8dbb91a4aa0818a2556c3ef802197ffd95ba9c8ea9
+dsinternals==1.2.5 --hash=sha256:25c544558381a86644fc6ef3b131f2a7450675b35e324553cb414b696d86d7bd
+flask==3.1.3 --hash=sha256:f4bcbefc124291925f1a26446da31a5178f9483862233b23c0c96a20701f670c
+greenlet==3.5.2 --hash=sha256:1f052fff492c52fdfa99bd3b3c1389a53de37dae76a0562741417f0d018f02b3
+h11==0.16.0 --hash=sha256:63cf8bbe7522de3bf65932fda1d9c2772064ffb3dae62d55932da54b31cb6c86
+httpcore==1.0.9 --hash=sha256:2d400746a40668fc9dec9810239072b40b4484b640a8c38fd654a024c7a1bf55
+httpx==0.28.1 --hash=sha256:d909fcccc110f8c7faf814ca82a9a4d816bc5a6dbfea25d6591d6985b8ba59ad
+idna==3.18 --hash=sha256:7f952cbe720b688055e3f87de14f5c3e5fdaa8bc3928985c4077ca689de849a2
+impacket==0.14.0.dev0+20260619.174856.9a5621d4 --hash=sha256:6fff2d46ebae61a420bf728d75dfedea97c7bc82e1c31dab372c4f246b68331d
+invoke==3.0.3 --hash=sha256:f11327165e5cbb89b2ad1d88d3292b5113332c43b8553b494da435d6ec6f5053
+itsdangerous==2.2.0 --hash=sha256:c6242fc49e35958c8b15141343aa660db5fc54d4f13a1db01a3f5891b98700ef
+jinja2==3.1.6 --hash=sha256:85ece4451f492d0c13c5dd7c13a64681a86afae63a5f347908daf103ce6d2f67
+jwt==1.4.0 --hash=sha256:7560a7f1de4f90de94ac645ee0303ac60c95b9e08e058fb69f6c330f71d71b11
+ldap3==2.9.1 --hash=sha256:5869596fc4948797020d3f03b7939da938778a0f9e2009f7a072ccf92b8e8d70
+ldapdomaindump==0.10.0 --hash=sha256:3797259596df7a5e1fda98388c96b1d94196f5da5551f1af1aaeedda0c9f5a11
+lsassy==3.1.16 --hash=sha256:e2672e193815db96ddb3078c6bda1c3e96d425a1072690bf8b8fc17b417c8c2e
+lxml==6.1.1 --hash=sha256:ebe6af670449830d6d9b752c256a983291c766a1365ba5d5460048f9e33a7818
+markdown_it_py==4.2.0 --hash=sha256:9f7ebbcd14fe59494226453aed97c1070d83f8d24b6fc3a3bcf9a38092641c4a
+markupsafe==3.0.3 --hash=sha256:d6dd0be5b5b189d31db7cda48b91d7e0a9795f31430b7f271219ab30f1d3ac9d
+masky==0.2.1 --hash=sha256:bcf545f5e2b762fc49df2f29aa934498bb5dd37ba0a28e0c1683acee2e5ef14b
+mdurl==0.1.2 --hash=sha256:84008a41e51615a49fc9966191ff91509e3c40b939176e643fd50a5c2196b8f8
+minidump==0.0.24 --hash=sha256:9c016e35c8fe37c82a01b0a266f5416a0b0138934d92affb436ac2e72372bec6
+minikerberos==0.4.9 --hash=sha256:3c3a422541bc66719bd495f89cb6f9e149fba8f1499b9f550aa88cd9aa532ffa
+msldap==0.5.15 --hash=sha256:ee4224cf3964c386a52424a4b6d763a866b4d7ae6d5597a0af58611588668531
+neo4j==6.2.0 --hash=sha256:b87abdd13a5cc2e3bd51026926c2f20ac38fa3febe98c340520dce19e97388d0
+netaddr==1.3.0 --hash=sha256:c2c6a8ebe5554ce33b7d5b3a306b71bbb373e000bbbf2350dd5213cc56e3dbbe
+netexec==1.5.1 --hash=sha256:6a54bdf26293af56091b034a7256df75800579afe3a0aea8d31d8303cd79584c
+oscrypto==1.3.0 --hash=sha256:5c362134285f23b9d0a9bd6027ba9e79af2be3da0c513655ccf5798cd4b92724
+paramiko==5.0.0 --hash=sha256:b7044611c30140d9a75261653210e2002977b71a0497ff3ba0d98d7edbf62f7c
+pefile==2024.8.26 --hash=sha256:76f8b485dcd3b1bb8166f1128d395fa3d87af26360c2358fb75b80019b957c6f
+pillow==12.2.0 --hash=sha256:62f5409336adb0663b7caa0da5c7d9e7bdbaae9ce761d34669420c2a801b2780
+prompt_toolkit==3.0.52 --hash=sha256:9aac639a3bbd33284347de5ad8d68ecc044b91a762dc39b7c21095fcd6a19955
+pyasn1==0.6.3 --hash=sha256:a80184d120f0864a52a073acc6fc642847d0be408e7c7252f31390c0f4eadcde
+pyasn1_modules==0.4.2 --hash=sha256:29253a9207ce32b64c3ac6600edc75368f98473906e8fd1043bd6b5b1de2c14a
+pycparser==3.0 --hash=sha256:b727414169a36b7d524c1c3e31839a521725078d7b2ff038656844266160a992
+pycryptodome==3.22.0 --hash=sha256:a0092fd476701eeeb04df5cc509d8b739fa381583cda6a46ff0a60639b7cd70d
+pycryptodomex==3.23.0 --hash=sha256:f489c4765093fb60e2edafdf223397bc716491b2b69fe74367b70d6999257a5c
+pygments==2.20.0 --hash=sha256:81a9e26dd42fd28a23a2d169d86d7ac03b46e2f8b59ed4698fb4785f946d0176
+pylnk3==0.4.3 --hash=sha256:fafa9293290163fed30541fb38f7df21a0e3f6fcc8324597a898ce694c9a593d
+pynacl==1.6.2 --hash=sha256:c8a231e36ec2cab018c4ad4358c386e36eede0319a0c41fed24f840b1dac59f6
+pynfsclient==0.1.5 --hash=sha256:35f36bf6137f27fe3684f23a1b7603181b554912cf0f27b86d55362aef044055
+pyopenssl==25.1.0 --hash=sha256:2b11f239acc47ac2e5aca04fd7fa829800aeee22a2eb30d744572a157bd8a1ab
+pyparsing==3.3.2 --hash=sha256:850ba148bd908d7e2411587e247a1e4f0327839c40e2e5e6d05a007ecc69911d
+pyperclip==1.11.0 --hash=sha256:299403e9ff44581cb9ba2ffeed69c7aa96a008622ad0c46cb575ca75b5b84273
+pypsrp==0.9.1 --hash=sha256:1217b03397589f8e77c98dc9d2a4af2abc34a89ccc15efd4b6758ec76eb1bb7d
+pypykatz==0.6.13 --hash=sha256:c715fc22af49b893dc15e4e376ff167107ad602e1f91a5a2320c3aa7a7e41e3c
+pyspnego==0.12.1 --hash=sha256:7237cb47985ccf5da512106ddb2731e4f9cefec00991f76c054488eb95fb1a2d
+python_dateutil==2.9.0.post0 --hash=sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427
+python_libnmap==0.7.3 --hash=sha256:bb7f7d8debc37ae7fa3fbfcf46f430777b61c2334f9eecae99b9f932988874f7
+pytz==2026.2 --hash=sha256:04156e608bee23d3792fd45c94ae47fae1036688e75032eea2e3bf0323d1f126
+requests==2.32.5 --hash=sha256:2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6
+rich==15.0.0 --hash=sha256:33bd4ef74232fb73fe9279a257718407f169c09b78a87ad3d296f548e27de0bb
+six==1.17.0 --hash=sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274
+soupsieve==2.8.4 --hash=sha256:e7e6b0769c8f51ed59acab6e994b00621096cfb1c640a7509295987388fbaf65
+sqlalchemy==2.0.51 --hash=sha256:1d21ce524ab86c23046e992a5b81cb54c21079c6df6e78b8fc77d77cac70a6b9
+tabulate==0.10.0 --hash=sha256:f0b0622e567335c8fabaaa659f1b33bcb6ddfe2e496071b743aa113f8774f2d3
+termcolor==3.3.0 --hash=sha256:cf642efadaf0a8ebbbf4bc7a31cec2f9b5f21a9f726f4ccbb08192c9c26f43a5
+terminaltables==3.1.10 --hash=sha256:e4fdc4179c9e4aab5f674d80f09d76fa436b96fdc698a8505e0a36bf0804a874
+tqdm==4.68.3 --hash=sha256:39832cc2def2789a6f29df83f172db7416cea70052c0907a57801c5f2fdccb03
+typing_extensions==4.15.0 --hash=sha256:f0fa19c6845758ab08074a0cfa8b7aecb71c999ca73d62883bc25cc018c4e548
+unicrypto==0.0.12 --hash=sha256:6fb7e9bbaa60c49128ad6584201290ead99b703ae834c28911c82ddca38a0d6f
+urllib3==2.7.0 --hash=sha256:9fb4c81ebbb1ce9531cce37674bbc6f1360472bc18ca9a553ede278ef7276897
+wcwidth==0.8.1 --hash=sha256:f453740b1e4a4f3291faa37944c555d71056c4da08d59809b307ef4feba695c8
+werkzeug==3.1.8 --hash=sha256:63a77fb8892bf28ebc3178683445222aa500e48ebad5ec77b0ad80f8726b1f50
+winacl==0.1.9 --hash=sha256:31ba781a35f3b1bd3c2ece994816c0a5fe113c73018689ab6118010ac0d15099
+xmltodict==1.0.4 --hash=sha256:a4a00d300b0e1c59fc2bfccb53d7b2e88c32f200df138a0dd2229f842497026a
diff --git a/netexec/slack-desc b/netexec/slack-desc
new file mode 100644
index 0000000..156e2f8
--- /dev/null
+++ b/netexec/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+ |-----handy-ruler------------------------------------------------------|
+netexec: netexec (network execution and post-exploitation tool)
+netexec:
+netexec: NetExec (nxc) is a network service exploitation tool that automates
+netexec: assessing the security of large networks. It supports protocols such
+netexec: as SMB, LDAP, MSSQL, SSH, WinRM, RDP and more, with modules for
+netexec: credential dumping, lateral movement, and enumeration.
+netexec:
+netexec: It is a maintained fork of CrackMapExec.
+netexec:
+netexec: Homepage: https://github.com/Pennyw0rth/NetExec
+netexec: