General
Reply With QuoteIs it still uploading?
Results 1 to 8 of 8
-
06-17-2011 #1Upcoming MPGHiean
- Join Date
- Jul 2010
- Gender
- Posts
- 3,033
- Reputation
340- Thanks
- 2,792
- My Mood
-
Active Directory Dictionary Attack Tool
No one will probably find this useful... but... here's something I spent the last 5 minutes working on. It "tests" the security of a Active Directory user (so Active Directory, Windows domain logon etc...) by doing a dictionary attack.
This won't work if the server rate limits login attempts or anything, however. Also, there's an easier method to this, by just copying the cached password hashes and cracking them on a GPU (which is 10000x more efficient), but I don't have that liberty because I don't have physical access to the computers that the targets have logged into.
150MB worth of common passwords are provided.
Usage:
Switches available:Code:network.exe domain username [-update] [-nocrack]
- -update: Updates the password dictionary by merging all files in the resources/databases directory. It is assumed that on every line is a password. Empty lines are ignored.
- -nocrack: Does not attempt to find the password.
Progress is automatically saved every 1000 attempts, and successful combinations are stored somewhere under the ./resources directory (forgot where).
This has not been tested, I will be testing it live on Monday and if it works, giving the network administrator a little surprise :)
Source code and binaries attached. Code has not been refractored.
Requires .NET 3.5 to execute.
Download the binaries and source now.
(too large to upload to MPGH, unless you want 1000 parts)Last edited by freedompeace; 06-18-2011 at 12:08 AM. Reason: Added download link
-
06-17-2011 #2Still a Cookie at heart
- Join Date
- Mar 2011
- Gender
- Location
- Posts
- 6,113
- Reputation
- 394
- Thanks
- 363
-
06-18-2011 #3
ThreadstarterUpcoming MPGHiean
- Join Date
- Jul 2010
- Gender
- Posts
- 3,033
- Reputation
- 340
- Thanks
- 2,792
- My Mood
-
Oh, the state of Australian internet. I'm uploading at a fine 10kB/s, and the rest of my internet connection doesn't work because I'm maxing my upload.
Originally Posted by Cookie.
I will edit my post with the download link when the upload is complete, as currently inferred.
EDIT: file has been finally uploaded, and is available for download.Last edited by freedompeace; 06-18-2011 at 12:02 AM.
-
06-18-2011 #4Banned
- Join Date
- Jan 2011
- Gender
- Location
- Posts
- 3,734
- Reputation
- 133
- Thanks
- 1,621
- My Mood
-
Nice
.
-
06-18-2011 #5MPGH Addict
- Join Date
- Mar 2008
- Gender
- Location
- Posts
- 3,976
- Reputation
- 343
- Thanks
- 4,320
- My Mood
-
~ Link Approved ~
Ah we-a blaze the fyah, make it bun dem!
-
The Following User Says Thank You to Hell_Demon For This Useful Post:
freedompeace (06-18-2011)
-
06-18-2011 #6Still a Cookie at heart
- Join Date
- Mar 2011
- Gender
- Location
- Posts
- 6,113
- Reputation
- 394
- Thanks
- 363
I'll have a look at it when I get home
-
06-19-2011 #7
ThreadstarterUpcoming MPGHiean
- Join Date
- Jul 2010
- Gender
- Posts
- 3,033
- Reputation
- 340
- Thanks
- 2,792
- My Mood
-
Where'd be edit button go?
Anyway, I've just got the network administrator's credentials in under an hour.
A few code changes need to be made:
Under "Program.cs", change the line from
toCode:ActiveDirectoryServices.GetCrackin(args[1], args[2]);
Turns out C# truncates the first argument (the current directory).Code:ActiveDirectoryServices.GetCrackin(args[0], args[1]);
Also,must be present otherwise StreamWriter won't be able to open a file there. You can add this to the code if you want.Code:./resources/resume/
-
07-07-2013 #8New Member
- Join Date
- Jul 2013
- Gender
- Posts
- 1
- Reputation
- 10
- Thanks
- 0
Nice Job!
Link or source?
Link 404
Thanks!