acccheck包装说明

该工具被设计成一个密码字典攻击的工具,通过SMB协议针对Windows身份验证。这实在是围绕“smbclient的”二元包装脚本,并作为一个结果是依赖于它的执行。

资料来源:https://labs.portcullis.co.uk/tools/acccheck/
acccheck首页 | 卡利acccheck回购

  • 作者:费萨尔院长
  • 许可:GPL第二版

包含在acccheck包工具

acccheck - 密码字典攻击工具,为中小企业
root@kali:~# acccheck

acccheck v0.2.1 - By Faiz

Description:
Attempts to connect to the IPC$ and ADMIN$ shares depending on which flags have been
chosen, and tries a combination of usernames and passwords in the hope to identify
the password to a given account via a dictionary password guessing attack.

Usage = ./acccheck [optional]

-t [single host IP address]
OR
-T [file containing target ip address(es)]

Optional:
-p [single password]
-P [file containing passwords]
-u [single user]
-U [file containing usernames]
-v [verbose mode]

Examples
Attempt the 'Administrator' account with a [BLANK] password.
acccheck -t 10.10.10.1
Attempt all passwords in 'password.txt' against the 'Administrator' account.
acccheck -t 10.10.10.1 -P password.txt
Attempt all password in 'password.txt' against all users in 'users.txt'.
acccehck -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
acccheck -t 10.10.10.1 -u administrator -p password

acccheck用法示例

扫描包含在SMB-ips.txt(T)的IP地址,并使用详细输出(-v):

root@kali:~# acccheck.pl -T smb-ips.txt -v
Host:192.168.1.201, Username:Administrator, Password:BLANK