kali信息收集工具之acccheck
2016-07-14 21:11
537 查看
The tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution.
一个基于微软SMB协议的口令攻击工具,IPC共享攻击工具
常用端口为135,139
个人感觉该工具攻击的范围及能力有限,不过在特定情况下也可以发挥一定的作用
acccheck – Password dictionary attack tool for SMB
root@kali:~# acccheck
acccheck v0.2.1 - By Faiz
Description:
Attempts to connect to the IPCandADMIN shares depending on which flags have been
chosen, and tries a combination of usernames and passwords in the hope to identify
the password to a given account via a dictionary password guessing attack.
Usage = ./acccheck [optional]
-t [single host IP address]
OR
-T [file containing target ip address(es)]
Optional:
-p [single password]
-P [file containing passwords]
-u [single user]
-U [file containing usernames]
-v [verbose mode]
Examples
Attempt the ‘Administrator’ account with a [BLANK] password.
acccheck -t 10.10.10.1
Attempt all passwords in ‘password.txt’ against the ‘Administrator’ account.
acccheck -t 10.10.10.1 -P password.txt
Attempt all password in ‘password.txt’ against all users in ‘users.txt’.
acccehck -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
acccheck -t 10.10.10.1 -u administrator -p password
acccheck Usage Example
Scan the IP addresses contained in smb-ips.txt (-T) and use verbose output (-v):
root@kali:~# acccheck.pl -T smb-ips.txt -v
Host:192.168.1.201, Username:Administrator, Password:BLANK
一个基于微软SMB协议的口令攻击工具,IPC共享攻击工具
常用端口为135,139
个人感觉该工具攻击的范围及能力有限,不过在特定情况下也可以发挥一定的作用
acccheck – Password dictionary attack tool for SMB
root@kali:~# acccheck
acccheck v0.2.1 - By Faiz
Description:
Attempts to connect to the IPCandADMIN shares depending on which flags have been
chosen, and tries a combination of usernames and passwords in the hope to identify
the password to a given account via a dictionary password guessing attack.
Usage = ./acccheck [optional]
-t [single host IP address]
OR
-T [file containing target ip address(es)]
Optional:
-p [single password]
-P [file containing passwords]
-u [single user]
-U [file containing usernames]
-v [verbose mode]
Examples
Attempt the ‘Administrator’ account with a [BLANK] password.
acccheck -t 10.10.10.1
Attempt all passwords in ‘password.txt’ against the ‘Administrator’ account.
acccheck -t 10.10.10.1 -P password.txt
Attempt all password in ‘password.txt’ against all users in ‘users.txt’.
acccehck -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
acccheck -t 10.10.10.1 -u administrator -p password
acccheck Usage Example
Scan the IP addresses contained in smb-ips.txt (-T) and use verbose output (-v):
root@kali:~# acccheck.pl -T smb-ips.txt -v
Host:192.168.1.201, Username:Administrator, Password:BLANK
相关文章推荐
- 所谓的IT精英、某宝支付架构师的招行账户一把损失20万,招行表示摊手!
- 新御剑1.5注入版(11.29)
- 80sec被黑原因分析
- 网络安全助手 - 御剑
- 突破”子网隔离”***C段
- 网上说是"最标准的SQL注入语句"
- 转自CISPS《十年安全售前的经验与大家分享》
- 2007年世界顶级杀毒软件排名
- 玩转几大***测试系统
- 如何借助Sniffer来诊断Linux网络故障?
- 常用Linux网络安全工具
- CIO的网络安全“三大纪律”
- 国际网络信息安全认证中心
- ***常用***手段揭秘及其预防措施介绍
- netfilter/iptables全攻略
- [转]网络安全设备Bypass功能介绍及分析 - [网络编程]
- 互联网企业网络安全架构摘录(转)
- 互联网企业网络安全架构(摘录)
- SSH:加密传输 远程管理的安全通道
- 新手该如何对服务器安全维护