冰凌汇编

[Linux] CredNinja: testing the validity of dumped credentials or hashes

bingling posted on 2022-1-10 20:50:45
CredNinja is a tool for quickly testing the validity of dumped credentials (or hashes) across an entire network or domain.

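At its core, you give it a list of dumped credentials (or hashes; it can pass-the-hash) and a list of systems on the domain (the author suggests scanning for port 445 first, or using "--scan"). It will tell you whether the dumped credentials are valid on the domain and whether you have local administrator access to a host.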


Using CredNinja to test the validity of dumped credentials or hashes
   .d8888b.                       888 888b    888 d8b           d8b
  d88P  Y88b                      888 8888b   888 Y8P           Y8P
  888    888                      888 88888b  888
  888        888d888 .d88b.   .d88888 888Y88b 888 888 88888b.  8888  8888b.
  888        888P"  d8P  Y8b d88" 888 888 Y88b888 888 888 "88b "888     "88b
  888    888 888    88888888 888  888 888  Y88888 888 888  888  888 .d888888
  Y88b  d88P 888    Y8b.     Y88b 888 888   Y8888 888 888  888  888 888  888
   "Y8888P"  888     "Y8888   "Y88888 888    Y888 888 888  888  888 "Y888888
                                                                888
                                                               d88P
                                                             888P"

v2.3 (Built 1/26/2018) - Chris King (@raikiasec)

For help: ./CredNinja.py -h

usage: CredNinja.py -a accounts_to_test.txt -s systems_to_test.txt
                    [-t THREADS] [--ntlm] [--valid] [--invalid] [-o OUTPUT]
                    [-p PASSDELIMITER] [--delay SECONDS %JITTER]
                    [--timeout TIMEOUT] [--stripe] [--scan]
                    [--scan-timeout SCAN_TIMEOUT] [-h] [--no-color] [--os]
                    [--domain] [--users] [--users-time USERS_TIME]

Quickly check the validity of multiple user credentials across multiple
servers and be notified if that user has local administrator rights on each
server.

Required Arguments:
  -a accounts_to_test.txt, --accounts accounts_to_test.txt
                        A word or file of user credentials to test. Usernames
                        are accepted in the form of "DOMAIN\USERNAME:PASSWORD"
  -s systems_to_test.txt, --servers systems_to_test.txt
                        A word or file of servers to test against. This can
                        be a single system, a filename containing a list of
                        systems, a gnmap file, or IP addresses in cidr notation.
                        Each credential will be tested against each of these
                        servers by attempting to browse C$ via SMB

Optional Arguments:
  -t THREADS, --threads THREADS
                        Number of threads to use. Defaults to 10
  --ntlm                Treat the passwords as NTLM hashes and attempt to
                        pass-the-hash!
  --valid               Only print valid/local admin credentials
  --invalid             Only print invalid credentials
  -o OUTPUT, --output OUTPUT
                        Print results to a file
  -p PASSDELIMITER, --passdelimiter PASSDELIMITER
                        Change the delimiter between the account username and
                        password. Defaults to ":"
  --delay SECONDS %JITTER
                        Delay each request per thread by specified seconds
                        with jitter (example: --delay 20 10, 20 second delay
                        with 10% jitter)
  --timeout TIMEOUT     Amount of seconds wait for data before timing out.
                        Default is 15 seconds
  --stripe              Only test one credential on one host to avoid spamming
                        a single system with multiple login attempts (used to
                        check validity of credentials). This will randomly
                        select hosts from the provided host file.
  --scan                Perform a quick check to see port 445 is available on
                        the host before queueing it up to be processed
  --scan-timeout SCAN_TIMEOUT
                        Sets the timeout for the scan specified by --scan
                        argument. Default of 2 seconds
  -h, --help            Get help about this script's usage
  --no-color            Turns off output color. Written file is always
                        colorless

Additional Information Retrieval:
  --os                  Display the OS of the system if available (no extra
                        request is being sent)
  --domain              Display the primary domain of the system if available
                        (no extra request is being sent)
  --users               List the users that have logged in to the system in
                        the last 6 months (requires LOCAL ADMIN). Returns
                        usernames with the number of days since their home
                        directory was changed. This sends one extra request to
                        each host
  --users-time USERS_TIME
                        Modifies --users to search for users that have logged
                        in within the last supplied amount of days (default
                        100 days)

This tool really shines on large networks, where it can parse a large number of hosts very quickly.
It is intended to be run on Kali Linux.
You can download CredNinja here:
CredNinja-master.zip (4.75 MB, downloads: 0)
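
Seen from the defending side, the behaviour in the help text above (each credential tried against each server by browsing C$ over SMB, optionally spread across hosts with --stripe) appears as one source making network logons to many hosts with several accounts. The following Python example is added here and is not part of the original post or of CredNinja; the tuple layout, sample events and thresholds are constructed assumptions, and it relies on Windows Security event IDs 4624, 4625 and 5140.

```python
from collections import defaultdict

# Constructed sample events, as if already parsed from forwarded Security logs:
# (epoch_s, reporting_host, event_id, logon_type, source_ip, account, share)
# 4624 / 4625 = successful / failed logon, 5140 = network share accessed.
EVENTS = [
    (1000, "FS01", 4625, 3, "10.0.5.23", "CORP\\alice", None),
    (1002, "FS02", 4624, 3, "10.0.5.23", "CORP\\bob", None),
    (1002, "FS02", 5140, None, "10.0.5.23", "CORP\\bob", r"\\*\C$"),
    (1003, "WEB01", 4625, 3, "10.0.5.23", "CORP\\carol", None),
    (1005, "DB01", 4624, 3, "10.0.5.23", "CORP\\alice", None),
    (1100, "FS01", 4624, 3, "10.0.7.8", "CORP\\dave", None),
    (1400, "FS01", 5140, None, "10.0.7.8", "CORP\\dave", r"\\*\Public"),
    (9000, "FS02", 4624, 3, "10.0.7.8", "CORP\\dave", None),
]

def find_credential_sweeps(events, window=300, min_hosts=3, min_accounts=2):
    """Flag sources whose network logons span many hosts and accounts."""
    by_source = defaultdict(list)
    for ts, host, eid, ltype, src, acct, share in events:
        net_logon = eid in (4624, 4625) and ltype == 3          # network logon
        admin_share = eid == 5140 and str(share).upper().endswith("\\C$")
        if net_logon or admin_share:
            by_source[src].append((ts, host, eid, acct))
    findings = []
    for src, rows in by_source.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:       # slide window
                start += 1
            seen = rows[start:end + 1]
            if (len({r[1] for r in seen}) >= min_hosts
                    and len({r[3] for r in seen}) >= min_accounts):
                # Report everything in the window that begins at `start`.
                span = [r for r in rows[start:] if r[0] - rows[start][0] <= window]
                findings.append({
                    "source": src,
                    "hosts": sorted({r[1] for r in span}),
                    "accounts": sorted({r[3] for r in span}),
                    "failed": sorted({r[3] for r in span if r[2] == 4625}),
                    "admin_share": sorted({(r[1], r[3]) for r in span if r[2] == 5140}),
                })
                break
    return findings

if __name__ == "__main__":
    for finding in find_credential_sweeps(EVENTS):
        print(finding)
```

Counting per source across all hosts, rather than per host, is what keeps attempts that are spread thinly over many systems visible; the `admin_share` entries mark host and account pairs where C$ was actually reached and deserve first attention.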
