Add ability to run against a colon separated file with username and password/ntlm hash pairs.

byt3bl33d3r / CrackMapExec

A swiss army knife for pentesting networks

BSD 2-Clause "Simplified" License

8.37k stars 1.64k forks source link

Add ability to run against a colon separated file with username and password/ntlm hash pairs. #410

Closed Maleick closed 3 years ago

Maleick commented 4 years ago

Feature Request

I would greatly appreciate the ability to provide CME a file with either:

username:password
username:HASH

Detailed issue explanation

Currently, I have to run CME anywhere from ten to thirty times during the course of a penetration test and maintain separate files to verify the level of access obtained.

I have attempted to solve this with a for loop in bash but my skills are apparently lacking.

Thank you!

mpgn commented 3 years ago

Simple, just put all the username in one file and all the password in another file and then

#~ cme smb 192.168.1.101 -u user.txt -p password.txt --no-bruteforce --continue-on-succes

https://mpgn.gitbook.io/crackmapexec/smb-protocol/password-spraying#checking-one-login-equal-one-password-using-wordlist

Maleick commented 3 years ago

Great. Thank you, I will give that a whirl. --no-bruteforce appears to give me what I am looking for.

mpgn commented 3 years ago

It's a new option from the v5 :+1: