vmamuaya/SMB-reverse-brute: Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords

SMB-reverse-brute

Performs a two-password reverse brute force against any hosts that accept NULL SMB sessions and allow RID cycling to enumerate usernames. Takes a hostlist file or an Nmap XML output file as input.

  • Takes input in the form of an Nmap XML file or a hostlist file
  • Finds any hosts with port 445 open
  • Attempts a NULL SMB session (connecting over SMB without a password)
  • On success, performs RID cycling to gather domain usernames
  • Prevents account lockout by creating a list of unique usernames and bruteforcing each one with only two passwords:
    • P@ssw0rd
    • <Current_season><current_year> such as Summer2017
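
From the defender's side, the behaviour listed above (one source failing against many distinct accounts, with at most two attempts per account so that lockout never triggers) can be detected from failed-logon records. The following is an added example and not part of the SMB-reverse-brute project; the record layout, thresholds, addresses and usernames are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: failed-logon records (timestamp, source IP, target user),
# e.g. as extracted from Windows Security event 4625. Not real data.
USERS = ["alice", "bob", "carol", "dave", "erin", "frank"]
SAMPLE_EVENTS = (
    # One source tries every account twice within a few minutes (the spray).
    [(f"2017-07-01T09:0{i}:00", "10.0.0.50", u) for i, u in enumerate(USERS)]
    + [(f"2017-07-01T09:0{i}:30", "10.0.0.50", u) for i, u in enumerate(USERS)]
    # One source fails six times against a single account (not a spray).
    + [(f"2017-07-01T09:1{i}:00", "10.0.0.7", "alice") for i in range(6)]
    # Two unrelated single failures from another source.
    + [("2017-07-01T09:20:00", "10.0.0.9", "bob"),
       ("2017-07-01T09:21:00", "10.0.0.9", "carol")]
)


def find_reverse_bruteforce(events, window=timedelta(minutes=10),
                            min_users=5, max_per_user=2):
    """Return {source: sorted usernames} for sources whose failed logons hit
    at least `min_users` distinct accounts within `window` while no account
    is tried more than `max_per_user` times (staying under a lockout limit).
    The default thresholds are illustrative assumptions; tune them locally."""
    by_src = defaultdict(list)
    for ts, src, user in events:
        by_src[src].append((datetime.fromisoformat(ts), user.lower()))

    hits = {}
    for src, rows in by_src.items():
        rows.sort()
        counts, start = defaultdict(int), 0
        for ts, user in rows:
            counts[user] += 1
            # Slide the window: drop failures older than `window`.
            while ts - rows[start][0] > window:
                old = rows[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            if len(counts) >= min_users and max(counts.values()) <= max_per_user:
                hits[src] = sorted(set(hits.get(src, [])) | set(counts))
    return hits


if __name__ == "__main__":
    for src, users in find_reverse_bruteforce(SAMPLE_EVENTS).items():
        print(f"{src}: failures spread across {len(users)} accounts: {users}")
```

Per-account lockout counters never see this pattern, which is why the rule keys on the source and on the number of distinct accounts rather than on failures per account.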

Installation

git clone https://github.com/DanMcInerney/SMB-reverse-brute
cd SMB-reverse-brute
./install.sh
pipenv shell

Usage

Read from an Nmap XML file:

python SMB-reverse-brute.py -x nmapfile.xml

Read from a hostlist of newline-separated IPs or CIDR addresses, and supply your own password list:

python SMB-reverse-brute.py -l hostlist.txt -p passwords.txt
