lefayjey / linWinPwn

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
MIT License

ldapnomnom #28

Closed danti1988 closed 2 months ago

danti1988 commented 2 months ago

User brute-force would be a lot quicker if ldapnomnom was used, could this be implemented? https://github.com/lkarlslund/ldapnomnom

lefayjey commented 2 months ago

Sure, good idea! I've never used it before. Are the default throttling parameters okay? Or do you have a preference?
Thanks

danti1988 commented 2 months ago

I normally run it like this, which might be a bit conservative, but it's a lot quicker.

ldapnomnom --input 10m_usernames.txt --output multiservers.txt --dnsdomain contoso.local --maxservers 4 --parallel 8

I also run it across all files within https://github.com/insidetrust/statistically-likely-usernames, like this

for file in /opt/lwp-scripts/statistically-likely-usernames/*; do ./ldapnomnom --input "$file" --output "/opt/lwp-scripts/statistically-likely-usernames/output_$(basename "$file").txt" --dnsdomain corp.com --maxservers 4 --parallel 8; done

then combine them into one file like this

cat /opt/lwp-scripts/statistically-likely-usernames/output_*.txt > all_usernames.txt

lefayjey commented 2 months ago

Thanks! Yeah, I'll use those settings then, that's okay for me. But unfortunately I can't go through multiple username files in the tool. I suggest you merge all the files into one, and remove duplicates (which would make it faster), and then choose it as the username list file with the -U parameter.

lefayjey commented 2 months ago

Added in https://github.com/lefayjey/linWinPwn/commit/7c42ae47188b0cfeae616262b024e0b49bff0739