byt3bl33d3r / CrackMapExec

A swiss army knife for pentesting networks
BSD 2-Clause "Simplified" License

Add support for password complexity #135

Closed archey closed 7 years ago

archey commented 8 years ago

The --pass-pol flag appears to be missing the password complexity; it would be nice if this could be added.

command syntax used

crackmapexec -u -p -d --pass-pol ip.addr

This should output the password complexity as well as the password policy; a good example is how enum4linux does it.

```perl
$command = "rpcclient -W '$global_workgroup' -U'$global_username'\%'$global_password' '$global_target' -c \"getdompwinfo\" 2>&1";
print "[V] Attempting to get Password Policy info with command: $command\n" if $verbose;
$passpol_info = `$command`;
chomp $passpol_info;
print "\n";
if (defined($passpol_info) and $passpol_info !~ /ACCESS_DENIED/) {
        print "[+] Retieved partial password policy with rpcclient:\n\n";
        if ($passpol_info =~ /password_properties: 0x[0-9a-fA-F]{7}0/) {
                print "Password Complexity: Disabled\n";
        } elsif ($passpol_info =~ /password_properties: 0x[0-9a-fA-F]{7}1/) {
                print "Password Complexity: Enabled\n";
        }
        if ($passpol_info =~ /min_password_length: (\d+)/) {
                my $minlen = $1;
                print "Minimum Password Length: $minlen\n";
        }
} else {
        print "[E] Failed to get password policy with rpcclient\n";
}
print "\n";
```

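
Added example, not part of the thread and not code from CrackMapExec or enum4linux: a Python sketch that parses the same `getdompwinfo` fields but tests the complexity bit of `password_properties` directly, so a value such as `0x00000003` is still reported (the last-hex-digit regexes above match neither branch for it). The function name `parse_pass_pol` and the sample output are constructed for illustration; the bit names are the PasswordProperties flags defined in MS-SAMR.

```python
import re

# PasswordProperties bits of DOMAIN_PASSWORD_INFORMATION (MS-SAMR).
PASSWORD_PROPERTIES = {
    0x01: "DOMAIN_PASSWORD_COMPLEX",
    0x02: "DOMAIN_PASSWORD_NO_ANON_CHANGE",
    0x04: "DOMAIN_PASSWORD_NO_CLEAR_CHANGE",
    0x08: "DOMAIN_LOCKOUT_ADMINS",
    0x10: "DOMAIN_PASSWORD_STORE_CLEARTEXT",
    0x20: "DOMAIN_REFUSE_PASSWORD_CHANGE",
}

PROPS_RE = re.compile(r"password_properties:\s*0x([0-9a-fA-F]{1,8})")
MINLEN_RE = re.compile(r"min_password_length:\s*(\d+)")


def parse_pass_pol(output):
    """Parse rpcclient getdompwinfo text (hypothetical helper).

    Returns a dict with min_length, complexity and the decoded flag
    names, or None when access was denied or no field was found.
    """
    if "ACCESS_DENIED" in output:
        return None
    props = PROPS_RE.search(output)
    minlen = MINLEN_RE.search(output)
    if not props and not minlen:
        return None
    policy = {
        "min_length": int(minlen.group(1)) if minlen else None,
        "complexity": None,  # unknown unless password_properties is present
        "flags": [],
    }
    if props:
        value = int(props.group(1), 16)
        # Complexity is bit 0; the other bits must not affect the answer.
        policy["complexity"] = bool(value & 0x01)
        policy["flags"] = [n for b, n in PASSWORD_PROPERTIES.items() if value & b]
    return policy


# Constructed sample output, not captured from a real host.
SAMPLE = "min_password_length: 8\npassword_properties: 0x00000003\n"

if __name__ == "__main__":
    print(parse_pass_pol(SAMPLE))
```
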
byt3bl33d3r commented 7 years ago

@archey will be added in v4.0 which will be released hopefully by the end of the month. Thanks man!

archey commented 7 years ago

How's 4.0 coming along?

byt3bl33d3r commented 7 years ago

@archey slow and steady, I want to get it right this time so I don't have another 'code rage' moment and decide to re-write the whole freaking thing again.

byt3bl33d3r commented 7 years ago

@archey just added support for this in the latest commit. Thanks mate!