-
It seems I've managed to trick the system. I just happened to test with this password format and the change was accepted, so I thought it wasn't working, but having tested further it seems like using …
-
I'm trying to create a step that performs a password spray attack. Here is a snippet of code - which requires the step `GetComputers` to run first:
```
@staticmethod
def description(rat,…
-
Is there a way to get this to work when Elasticsearch requires authentication? I can get a standalone instance of ElastAlert to work using basic authentication but I cannot seem to get the bitsensor/e…
-
Having OTP functionality encourages people to use this functionality and store OTP together with password in the single pass file.
However given that OTP codes are mostly used for 2FA, promoting p…
-
If I do a password spray with a file of users and a single password against a host, CME stops on the first success. I'd like for it to keep going. Can there be a flag to let it continue? For example, …
-
The suggestion is that in addition to the password file provided, an option/switch to attempt to use the username as the password when password-spraying accounts.
-
I am writing a step that will perform a password spray attack on computers that are found in the domain using the `GetComputers` step. The postproperties of the `GetComputers` step is the `host_g` va…
-
## Steps to reproduce
cme -u USERSLIST.txt -p Password1234 -d DOMAIN
If users list is more than 367, it stops at 367th user and doesn't seem to continue.
-
@noloader,
Please forgive me in advance if this issue should go to the mailing list but:
1. this issue is more of a request than a question
2. there is no cryptopp project/meta repo
3. https:/…
-
finally got it fixed:
https://github.com/ValveSoftware/halflife/issues/387#issuecomment-249436648
UPDATE:
https://github.com/ValveSoftware/halflife/issues/387#issuecomment-90850841
its going to be a…