Using crackmapexec to do a credential spraying attack
CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Using we can brute force credential for active directory protocols. All protocols support brute-forcing and password spraying.
By specifying a file or multiple values CME will automatically brute-force logins for all targets using the specified protocol:
crackmapexec <protocol> <target(s)> -u username1 -p password1 password2
crackmapexec <protocol> <target(s)> -u username1 username2 -p password1
crackmapexec <protocol> <target(s)> -u ~/file_containing_usernames -p ~/file_containing_passwords
crackmapexec <protocol> <target(s)> -u ~/file_containing_usernames -H ~/file_containing_ntlm_hashes
Comments are closed, but trackbacks and pingbacks are open.