Windows SMB Cracker
Bruteforce windows accounts remotely through SMB/CIFS and your provided credentials and password lists.
Success Statuses
- local-access: can be accessed locally
- smb-access successfully accessed through smb
- restricted-access sign-in works but no remote file access
- login-only sign-in works no smb or local
Download
Be sure to have at least Java 11 installed.
Extract the latest release zip file and run windows-smb-cracker-yyyyMMdd.HHmmss.jar.
Build
Use the clean build commands to test a build. Use the run command to build and run.
$ ./gradlew clean build
$ ./gradlew runPackage
Run the package command then zip up the build/package folder contents for a release.
$ ./gradlew packageJarCompatibility
The tables below show which versions of Windows can and cannot be cracked with this tool and whether or not they have been tested.
In order to crack successfully, you should be able to successfully ping the machine. When starting the cracker, it will also check if SMB ports are open (137,138,139,445). A warning-overlay will show asking to continue or cancel the operation.
- E stands for "expected to work" when not tested.
- N stands for "not expected to work" when not tested.
| Windows | Tested | Works | Version | Default CIFS Enabled |
|---|---|---|---|---|
| Windows 11+ | ✓ | ✓*** | SMB3.0 | ✕*** |
| Windows 10 v1709+ | ✓ | ✓*** | SMB3.0 | ✕*** |
| Windows 10 v1507-1703 | ✓ | ✓ | SMB3.0 | ✓ |
| Server 2016 | ✕ | E | SMB3.0 | ✓ |
| Server 2012 | ✓ | ✓ | SMB3.0 | ✓ |
| Windows 8.1 | ✕ | E | SMB3.0 | ✓ |
| Windows 8 | ✕ | E | SMB3.0 | ✓ |
| Windows 7 | ✓ | ✓ | SMB2.1 | ✓ |
| Server 2008 | ✕ | E | SMB2.1 | ✓ |
| Windows Vista | ✓ | ✓ | SMB2.0 | ✓ |
| Server 2003 | ✓ | ✓ | SMB1.0 | ✓ |
| Windows XP | ✓ | ✓** | SMB1.0 | ✓ |
| Windows ME | ✕ | N | SMB1.0 | ✕* |
| Windows 2000 | ✕ | N | SMB1.0 | ✕* |
| Server 2000 | ✕ | N | SMB1.0 | ✕* |
| Windows 98 | ✕ | N | SMB1.0 | ✕* |
- * CIFS Server must be manually enabled in order to connect.
- ** Windows XP default only accepts "guest" and any password.
- *** See section below for details. SMB/CIFS is no longer enabled by default and there is increased protection.
Windows 10 1709+, Windows 11, and later
In testing between two Windows 11 devices, the target device has to have
- Enabled
SMB 1.0/CIFS File Sharing Supportmanually in Windows Features - Enabled
File and printer sharingin Advanced sharing settings - Windows Firewall disabled
(Potentially) Your device doing the cracking will also at least need
- Enabled
SMB ClientandSMB Directin Windows Features
Then the cracker was able to successfully test connections, however file access did not work and likely further configuration is needed.
Additionally, Windows 11 introduces increased protection against SMB bruteforcing with an option to add a delay on failed attempts, see here. It appears though that a standard Windows 11 machine will have this delay set to 0.
Also to note is that the Windows Defender Firewall will protect against this as well now. After testing hundreds of incorrect logins, the correct login would no longer work until I disabled the firewall on the target Win11 machine.