From 4778effde3a557d440eee6a9f4a6035b6a7233c0 Mon Sep 17 00:00:00 2001 From: "Mohamed A. Baset" Date: Thu, 30 May 2019 00:31:11 -0500 Subject: [PATCH] Create README.md --- .../SMBruteBunny/mmcbrute/README.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 payloads/library/credentials/SMBruteBunny/mmcbrute/README.md diff --git a/payloads/library/credentials/SMBruteBunny/mmcbrute/README.md b/payloads/library/credentials/SMBruteBunny/mmcbrute/README.md new file mode 100644 index 00000000..5cc71bfe --- /dev/null +++ b/payloads/library/credentials/SMBruteBunny/mmcbrute/README.md @@ -0,0 +1,31 @@ + +## Description +Initiate a Microsoft Management Console (MMC) DCOM bruteforce. This script was inspired by mmcexec.py in the impacket library. The idea is to use the error codes that return after an attempted connection to determine if credentials are valid. + +This script is useful for environments where smb logins are disabled, thus preventing the smb reverse bruteforce. The target must be a domain joined windows host with the windows firewall off. The firewall must be off because by default because DCOM connections are not authorized by the Windows Firewall. + +By default, the script will not show failed login attempts. To view failed login attempts you must specify the verbose option, -v. The script is also designed to quit if an account lockout is detected. If this is not desired you must specify honey badger mode, -b. You are also able to tell mmcbrute that you want to try user as pass by specifying -U. See the help menu for a full list of options (-h). + +A progress bar will update in real time to let you know how the attack is progressing. There's nothing more frustrating than a bruteforcer that doesn't provide any feedback as it's running. + +## Output +![honey badger mode](https://user-images.githubusercontent.com/11075149/33751087-62af2cec-dba6-11e7-9924-ae7445125768.png) + +## Requirements +The impacket library is required in order to run this script. +``` +pip2 install impacket +``` + +If that fails, you can get the library from here. +``` +https://github.com/CoreSecurity/impacket +``` + +## Example Usage: +users.txt = Unique usernames separated by new lines + +pass.txt = Unique passwords separated by new lines +``` +./mmcbrute.py -t 10.10.10.10 -d DOMAIN -u users.txt -p pass.txt +```